Flashden - Multiple Arbitrary File Uploads

EDB-ID:

10236

CVE:

N/A


Author:

DigitALL

Type:

webapps


Platform:

PHP

Date:

2009-11-26


# Exploit Title: Flashden Shell Upload Vulnerability

# Date: 26.12.2009

# Author: DigitALL

# Greetz: Zombie KroNickq HackSpy and ALL 1923Turk.Biz Members

# Vendor: http://www.jurgenvisser.nl

# Version: 2.0

# Dork: inurl:"select_file2.php"

# Application: Please Add Files ( Your Shell ) And Upload.

# Shell: /test/shell.php --  /up/shell.php --  /upload/shell.php --  /beta/shell.php OR one back dir.