[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : SpawCMS Editor Shell Upload Vulnerability
# Published : 2010-01-06
# Author : j4ck
# Previous Title : RoundCube Webmail Multiple Vulerabilities
# Next Title : YP Portal MS-Pro Surumu 1.0 DB Download Vulnerability


# Author: j4ck
# j4ck from elitehackers.pl [j4ck.root@gmail.com]

#######

just go to directory

http:/server/[path]/spaw/demo.php
then use image Upload, select all filetypes, and
You can upload your evil PHP code, for example phpshell.

Shell will be uploaded to selected directory.