Seditio CMS 121 - 'pfs.php' Arbitrary File Upload

EDB-ID:

4235

Author:

A.D.T

Type:

webapps

Platform:

PHP

Published:

2007-07-27

# Seditio CMS Remote File Upload Vulnerability

# ReSearcher : A.D.T

# Script : Seditio and Ldu Cms

# Version : All Versions

# Script HomePage : http://neocrome.net/

# Dork : "powered by seditio" or "powered by ldu"

# Risk : Very High!

# Usage : Firstly, you register the victim web site. After, go to "pfs.php" and upload your evil script!

# [+] Your Evil Script : evilscriptname.php.gif or evilscriptname.php.jpg or evilscriptname.php.png

# Contact : a.d.t-gizliadres@hotmail.com

# HomePage : http://err0rgroup.org/    

# We Are : A.D.T | LaqNéS | KeyStr0ke |Pcq0 | Dümenci | SaLuR | Z@rih | 0ssi3 | Sanal-Tehlike | Lnt

# ...and thanks str0ke

# milw0rm.com [2007-07-27]