"Simple 53" upload vulnerability
Web Application
vulnerability in
"Simple Upload 53"
PHP file allows an
attacker to upload
Backdoor shell code in
your website.
"inurl:simple-
upload-53.php"
using this google
search , you can find
the vulnerable Sites.
If you want to find
the vulnerability in
your web application,
use this google dark:
" inurl:simple-
upload-53.php
site:Your-Site.com"
After you search in
google; if you find
any page ends with
"simple-
upload-53.php" ,
follow the link.
Example:
hxxp://
www.target_site.
com/simple-
upload-53.php
Now you can see the
upload option in the
site. Here is the
biggest problem, it
allows anyone to
upload files.
An attacker can
upload Backdoor shell
as ".php.jpg" or
".php.gif" etc.
The uploaded shell
will be in this place:
hxxp://
www.target_site.
com/files/
Your_file_With_
Extension
After uploading the
shell , an attacker
can deface your site.
So better check
whether your site
also has this
vulnerability or not.
vulnerability in
"Simple Upload 53"
PHP file allows an
attacker to upload
Backdoor shell code in
your website.
"inurl:simple-
upload-53.php"
using this google
search , you can find
the vulnerable Sites.
If you want to find
the vulnerability in
your web application,
use this google dark:
" inurl:simple-
upload-53.php
site:Your-Site.com"
After you search in
google; if you find
any page ends with
"simple-
upload-53.php" ,
follow the link.
Example:
hxxp://
www.target_site.
com/simple-
upload-53.php
Now you can see the
upload option in the
site. Here is the
biggest problem, it
allows anyone to
upload files.
An attacker can
upload Backdoor shell
as ".php.jpg" or
".php.gif" etc.
The uploaded shell
will be in this place:
hxxp://
www.target_site.
com/files/
Your_file_With_
Extension
After uploading the
shell , an attacker
can deface your site.
So better check
whether your site
also has this
vulnerability or not.
Comments
Post a Comment