PG Social Networking --Shell upload Vulnerabilty

vendor:

PG Social Networking

by:

SONiC

7,5

CVSS

HIGH

Shell Upload Vulnerability

N/A

CWE

Product Name: PG Social Networking

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: N/A

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2010

PG Social Networking –Shell upload Vulnerabilty

PG Social Networking lets users start their own Social Networking Site with many advanced features. With the Social Networking Software, members can create profiles, search for others, instant message each other, and much more. An exploit exists that allows attackers to upload a shell as an image file.

Mitigation:

N/A

Source

Exploit-DB raw data:

==============================================================
PG Social Networking  --Shell upload  Vulnerabilty 
==============================================================


Name :  PG Social Networking --Shell upload  Vulnerabilty 
Date : july 9,2010
Critical Level     :VERY HIGH
vendor URL :http://www.datingpro.com/social
Price:$739

Author : ..::[ SONiC ]::.. aka ~the_pshyco~ <sonicdefence[at]gmail.com>

special thanks to : Sid3^effects,r0073r (inj3ct0r.com),L0rd CruSad3r,M4n0j,Bunny,Nishi,MA1201,RJ,D3aD F0x

greetz to :www.topsecure.net ,All ICW members , iNj3cT0r.com, www.andhrahackers.com

special Shoutz : my Girl Frnd [H*****] 

###################################
I'm SONiC member from Inj3ct0r Team
################################### 
Description :

PG Social Networking lets you start your Social Networking Site with many of the advanced features. With our Social Networking Software members can create profiles, search for others, instant message each other, and much much more!


#######################################################################################################
eXploit :Shell Upload  vulnerabilty

DEMO URL http://demo.site.com/social/myprofile.php

Could be able to Upload shell as Image file




###############################################################################################################

# ..::[ SONiC ]::.. aka the_pshyco