[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : elkagroup Image Gallery 1.0 Arbitrary File Upload Vulnerability
# Published : 2009-04-22
# Author : Securitylab.ir
# Previous Title : Dokeos LMS <= 1.8.5 (include) Remote Code Execution Exploit
# Next Title : 5 star Rating 1.2 (Auth Bypass) SQL Injection Vulnerability
######################### Securitylab.ir ########################
# Application Info:
# Name: elkagroup Image Gallery
# Dork: elkagroup - Image Gallery v1.0 - All right reserved
#################################################################
# Discoverd By: Securitylab.ir
# Website: http://Securitylab.ir
# Contacts: admin[at]securitylab.ir & info@securitylab[dot]ir
#################################################################
# Vulnerability Info:
# Type: Arbitrary File Upload Vulnerability
# Risk: High
#===========================================================
# Register here:
# http://site.ir/gallery/register.php
#
# Login:
# http://site.ir/gallery/login.php
#
# Go to this link:
# http://site.ir/gallery/upload.php
#
# Upload your script's shell,See your shell here:
# http://site.ir/gallery/pictures
#===========================================================
#
# Securitylab Security Research Team
###################################################################
# www.Syue.com [2009-04-22]