[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : phpAdBoard (php uploads) Arbitrary File Upload Vulnerability
# Published : 2008-12-23
# Author : ahmadbady
# Previous Title : phpEmployment (php upload) Arbitrary File Upload Vulnerability
# Next Title : StormBoard 1.0.1 (thread.php id) SQL Injection Vulnerability
.......................................................................
****(remote shell upload)****
script: phpAdBoard
***************************************************************************
download from:http://www.w2b.ru/download/phpAdBoard.zip
***************************************************************************
www.site.com/path/index.php
shell: www.site.com/path/photoes/number_shell.php
-----------------------------------------------------------------------------------------
dork:"powered by phpAdBoard"
if folder photoes is forbidden
after get upload file u do right-click and see image properties and u see address file.
------------------------------------------------------------------------------------------
**************************************************
Author: ahmadbady
**************************************************
# www.Syue.com [2008-12-23]