[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : Battle Blog 1.25 (uploadform.asp) Arbitrary File Upload Vulnerability
# Published : 2009-05-08
# Author : Cyber-Zone
# Previous Title : Luxbum 0.5.5/stable (Auth Bypass) SQL Injection Vulnerability
# Next Title : RTWebalbum 1.0.462 (AlbumID) Blind SQL Injection Exploit


***********************************************************************
         *  Battle Blog 1.25 (uploadform.asp) Remote File Upload Vulnerability *
         ***********************************************************************
         

         Found By : Cyber-Zone (ABDELKHALEK)


 
         +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
         http://localhost/blog/admin/uploadform.asp
         
         After You Upload Your File You Will See The Link To THE File Just Below
         
         
         
         some demos :+
         
         http://www.xxx.com/admin/uploadform.asp
         
         
         
         
      
         Have Nice Day                                             //Cyber-Zone
         +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

# www.Syue.com [2009-05-08]