header-logo
Suggest Exploit
vendor:
N/A
by:
sec-war.com
9,3
CVSS
HIGH
Remote File Upload
434
CWE
Product Name: N/A
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2020

Upload Shell Vulnerability

This vulnerability allows an attacker to upload malicious files to a vulnerable web server. The attacker can upload a malicious file such as a shell script, which can be used to gain access to the server. The attacker can then execute arbitrary code on the server.

Mitigation:

Ensure that the web server is configured to only allow the upload of files with specific extensions, and that the files are scanned for malicious content.
Source

Exploit-DB raw data:

# Version: v1.3

============================================================
www.sec-war.com
============================================================


1- upload shell with:

shell.php.jpg
shell.php.gif
shell.php.htm
shell.htm
shell.php.jpeg
shell.php.bmp

2- Go to shell link :

Example : http://www.site.com/path/store/shell.php.gif


==========================================================
To connect : r0t@hotmail.es
==========================================================

Greetz To : Alnjm33 - ShoOt3r - red virus - pRedAtOr - Elkatrez Elmodamer - Egy-sn!p3r

==========================================================

Navigation

Suggest Exploit

Services By CQR