GreenBeast CMS <= 1.3 PHP Arbitrary File Upload Vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: GreenBeast CMS <= 1.3 PHP Arbitrary File Upload Vulnerability
From: skulmatic@xxxxxxxxx
Date: 7 Nov 2006 09:36:34 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

GreenBeast CMS v.1.3

########################################################################

Memanfaatkan uploader GreenBeast CMS

Found  by    =  skulmatic ( skulmatic [at] gmail.com )

Script site   =  http://greenbeastcms.com


Vulnerable  = "gbcms_php_files/up_loader.php"

                    http://[site]/gbcms_php_files/up_loader.php


Dork       =  gbcms_login.php

########################################################################

-----
Original Advisor
http://newhack.org/advisories/GreenBeastCMS.txt

Prev by Date: [ MDKSA-2006:199 ] - Updated libx11 packages fix file descriptor leak vulnerability
Next by Date: [ MDKSA-2006:198 ] - Updated imlib2 packages fix several vulnerabilities
Previous by thread: [ MDKSA-2006:199 ] - Updated libx11 packages fix file descriptor leak vulnerability
Next by thread: [ MDKSA-2006:198 ] - Updated imlib2 packages fix several vulnerabilities
Index(es):
- Date
- Thread