TMEDIT POPUOP VULNERABILITY

"TMEDIT POPUOP" DEFACE AND SHELL UPLOAD VULNERABILITY



zac+efron+2012.jpg (642×374) 


Dork: inurl:/editor/tmedit/popups
Exploit Path : /editor/tmedit/popups/InsertFile/insert_file.php
#start :)
open Google.com or Bing.com and type this dork inurl:/editor/tmedit/popups
i got 9740 vulnrable results, now select any site from seacrh result and look for upload option on that Page now upload you shell, deface page, or anyfile there,
After uploading your  file  you'll see your uploaded file's url there, if you are not getting any perview url then goto /images directory to view your uploaded file 
for example : http://vulnrablesite.com/images/yourfilehere

0 comments: