Battle Blog 1.25 - 'uploadform.asp' Arbitrary File Upload

EDB-ID:

8647




Platform:

PHP

Date:

2009-05-08


Become a Certified Penetration Tester

Enroll in Advanced Web Attacks and Exploitation , the course required to become an Offensive Security Web Expert (OSWE)

GET CERTIFIED

         ***********************************************************************
         *  Battle Blog 1.25 (uploadform.asp) Remote File Upload Vulnerability *
         ***********************************************************************
         

         Found By : Cyber-Zone (ABDELKHALEK)


 
         +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
         http://localhost/blog/admin/uploadform.asp
         
         After You Upload Your File You Will See The Link To THE File Just Below
         
         
         
         some demos :+
         
         http://www.xxx.com/admin/uploadform.asp
         
         
         
         
      
         Have Nice Day                                             //Cyber-Zone
         +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

# milw0rm.com [2009-05-08]