Unknown On 29/05/16



####################################
#
# Exploit Title: Joomla Plugins VMCUSTOM Arbitrary Fileupload
# Google Dork: inurl:/plugins/vmcustom/
# Date: 29/05/2016
# Exploit Author: AnoaGhost
# Vendor Homepage: http://extensions.joomla.org/extension/vm-custom-downloadable-products
# Software Link: http://shop.ekerner.com.au/index.php/shop/joomla-extensions/vmcustom-downloadable-detail
# Tested on: Windows, Linux
#
####################################
Poc :
site.com/path/plugins/vmcustom/photoupload/assets/server/php/
Exploit HTML :
http://pastebin.com/SRU1K7au
###########################################
Requid Files Type : PHP,HTML,JPG,PNG,JPEG,GIF
*Your access shell will see
Target :
http://speedyprintshop.com/plugins/vmcustom/photoupload/assets/server/php/
My Files :
http://speedyprintshop.com/tmp/nx_d5cc371096f4e5516bf0ea7b10707d68/0/11.png

Leave a Reply

Subscribe to Posts | Subscribe to Comments