EAFlashUpload 2.5 - Arbitrary File Upload

EDB-ID:

17016

CVE:

N/A




Platform:

ASP

Date:

2011-03-21


Become a Certified Penetration Tester

Enroll in Advanced Web Attacks and Exploitation , the course required to become an Offensive Security Web Expert (OSWE)

GET CERTIFIED

# Exploit Title: EAFlashUpload v 2.5 File Arbitrary Upload
# Date: 21/03/2011
# Author: Daniel Godoy
# Author Mail: DanielGodoy[at]GobiernoFederal[dot]com
# Author Web: www.delincuentedigital.com.ar
# Software: EAFlashUpload v 2.5
# Software Link: http://www.easyalgo.com/downloads.aspx#EAFlashUpload
# Demo: http://www.site.com/examples/eaflashupload/simpleupload.aspx
 
[Comment]
Agradezco a mis amigos: Hernan Jais, Alfonso Cuevas, Inyexion,
Login-Root, KikoArg, Ricota,
Truenex, TsunamiBoom, _tty0, Big, Sunplace, Killerboy,Erick
Jordan,Animacco ,yojota, Pablin77, SPEED, Knet, Cereal,
MagnoBalt,l0ve, NetToxic,
Gusan0r, Sabertrail, Maxi Soler, Darioxhcx,r0dr1,y0u-know.
Dedicatoria especial para SIR