Add An Ad Script - Arbitrary File Upload

EDB-ID:

10612

CVE:

N/A


Author:

MR.Z

Type:

webapps


Platform:

PHP

Date:

2009-12-23


################################################
|
| Add An Ad Script ~ Remote PHP File Upload
|
| it works with Add An Ad Cart script and Add An Event script
|
| Site : http://www.addanad.com/
|
| Download :
| http://www.addanad.com/addanad/product.php?id=1 [ Add An Ad Cart ]
| http://www.addanad.com/addanad/product.php?id=14 [ Add An Event ]
|
| Found by : MR.Z
|
|Contact : tzar-rules-da-world@hotmail.com
################################################
|
|Dork : in your dreams :)
|
|Exploit :
|
| 1- go to www.site.com/path/adminscripts/uploadfile.php
| 2- select your shell and upload
| 3- the script will show the shell link after uploading
|
################################################
|
|Greetz :- all muslims , ViRuSMaN , Evil - Coder and all member of [www.Islam-Attack.com]
|
################################################