Sunday, 23 November 2014

Investigator finds vulnerability in ebay web sites as well as claims he uploaded a shell on ebay

Leave a Comment

Michael jordan Jones(@CEHSecurity), any Protection examiner, claims to own found a crucial security weeknesses within the auction web sites web site intended for staff members which authorized them to be able to publish any backdoor shell.
Michael jordan explained in his twitter that he recommended about the weeknesses to be able to auction web sites. A new screenshot published in his tweets bank account implies that they can publish any 'shell. php' data file within the subsequent area:

"https: //dsl. auction web sites. com/wp-includes/Text/Diff/Engine/shell. php"

At the time of publishing, the data file remains. The final changed day in the data file is actually 12 , 2012. It truly is pretty doable to change the TimeStamp. And so, i am unclear through if your data file possibly there is.

Seeking to accessibility the covering results in blank site. It means often the examiner possess changed the covering to own only if a unique enter is actually handed down or even it's not at all any covering.

Michael jordan in addition have found any corner website scripting weeknesses within the auction web sites Investigation Labs page(labs. auction web sites. com).


Post a Comment