exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Sflog! CMS 1.0 Arbitrary File Upload https://packetstormsecurity.com/files/116328/sflog_upload_exec.rb.txt https://packetstormsecurity.com/files/116328/sflog_upload_exec.rb.txt https://packetstormsecurity.com/files/116328/Sflog-CMS-1.0-Arbitrary-File-Upload.html Fri, 07 Sep 2012 03:39:55 GMT This Metasploit module exploits multiple design flaws in Sflog 1.0. By default, the CMS has a default admin credential of "admin:secret", which can be abused to access administrative features such as blogs management. Through the management interface, we can upload a backdoor that's accessible by any remote user, and then gain arbitrary code execution.

Related Files

No related files
packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close