Easy CMS 0.1.2 Php Shell Upload Vulnerabilities ---------------------------------------------------- site:http://sourceforge.net/projects/php-easy-cms/ demo:http://www.easy-cms.be/ -------------------------------------------------- Bug: 1)http://victim/choose_file.php Documents Images Scripts Styles Templates Add a directory Add a file 2)click add a file and upload shell.php.gif http://victim/Repositories/shell.php.gif Example bug video download here http://biyosecurity.be/video/easycms.rar ---------------------------------------------------------- Credit:Liz0ziM Mail:liz0@xxxxxxxxxxx Site:www.biyo.tk,www.biyosecurity.be --------------------------------------------------------------- Source: http://biyosecurity.be/bugs/easycms.txt http://www.blogcu.com/Liz0ziM/719389/ http://liz0zim.no-ip.org/easycms.txt
