[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Battle Blog 1.25 (uploadform.asp) Arbitrary File Upload Vulnerability
# Published : 2009-05-08
# Author : Cyber-Zone
# Previous Title : Luxbum 0.5.5/stable (Auth Bypass) SQL Injection Vulnerability
# Next Title : RTWebalbum 1.0.462 (AlbumID) Blind SQL Injection Exploit
***********************************************************************
* Battle Blog 1.25 (uploadform.asp) Remote File Upload Vulnerability *
***********************************************************************
Found By : Cyber-Zone (ABDELKHALEK)
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
http://localhost/blog/admin/uploadform.asp
After You Upload Your File You Will See The Link To THE File Just Below
some demos :+
http://www.xxx.com/admin/uploadform.asp
Have Nice Day //Cyber-Zone
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# www.Syue.com [2009-05-08]