"Add Testimonial" ~ remote File upload vulnerability.
“Add Testimonial” ~ remote File upload vulnerability.
Google Dork : 2011 all rights reserved.Website Designed by GanjaDaddy.com
Google Dork : 2011 all rights reserved.Website Designed by GanjaDaddy.com
[#1] Open website ..
[#2] Go to this URL : testimonial/add.html.php
For example : http://Site.com/testimonial/add.html.php
[#3] Now Upload Your Deface or any file
[#3] Now Upload Your Deface or any file
[#4] to view you upload file go to /images/testimonial/ , you’ll se index of files here … click on last file, its urs !!
[#5] enjOy =) Leave a Comment beLow if you Like it
Demo :
http://sdhealingarts.com/testimonial/add.html.php?
http://slangmediagroup.com/testimonial/add.html.php?
http://thepharmcollective.com/testimonial/add.html.php?
http://www.ganjadaddy.com/demo/firestation/testimonial/add.html.php?
Result : http://slangmediagroup.com/images/testimonial/testim_20111218213043
http://www.ganjadaddy.com/demo/firestation//images/testimonial/testim_20111218215509
Read more: "Add Testimonial" ~ remote File upload vulnerability.
Story added 28. September 2015, content source with full text you can find at link above.