NAS Uploader 1.0/1.5 - Arbitrary File Upload

EDB-ID:

10430

CVE:

N/A

Author:

ViRuSMaN

Type:

webapps

Platform:

Linux

Published:

2009-12-14

##############################################################
|
| NAS Uploader [V1.0&1.5] Remote File Upload Vulnerability
|
| Author : [ViRuSMaN]
|
| Contact : [v.-m@live.com]
|
| Home : [Islam-Attack.CoM , HackTeach.OrG]
|
| Download : [http://www.nasuploader.com/nasuploader_v10_packdemo.php]
| [http://www.nasuploader.com/nasuploader_v15_packdemo.php]
|
##############################################################
|
|
| Exp :
|
| 1- Go to target.com/[path]/upload_multiple_js.php
|
| 2- Click On "Parcourir"
|
| 3- Upload Your Shell Format "shell.php.rar"
|
| 4- Pwd Your Shell [target.com/[path]/uploads/tests/shell.php.rar]
|
##############################################################
|
| Greets : All members of islam-attack.com , hackteach.org & Sec-Sni.Com All Muslim's
|
##############################################################