Ourspace 2.0.9 - 'uploadmedia.cgi' Arbitrary File Upload

EDB-ID:

4343


Author:

Don

Type:

webapps


Platform:

CGI

Date:

2007-08-30


++++++++++++++++++++++++++++++++++++
| Discovered by Breaker_unit & Don |
| Ourspace 2.0.9|
script info: http://www.codedworld.com/download/our-space/26931.html

Exploit: /cgi-bin/ourspace/newswire/uploadmedia.cgi
dork: inurl:"/cgi-bin/ourspace/

Greetz to:
Balcan Crew Members
h4cky0u.org
and my friends: str0ke & kw3rLn
+++++++++++++++++++++++++++++++++++++++

# milw0rm.com [2007-08-30]