Data/File upload and management Arbitrary File Upload Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Data/File upload and management Arbitrary File Upload Vulnerability
# Published : 2010-10-14
# Author : saudi0hacker
# Previous Title : Xlrstats 2.0.1 SQL Injection Vulnerability
# Next Title : Exponent CMS v0.97 Multiple Vulnerabilities

: # Exploit Title: Data/File upload and management local shell upload                        :
: # Date: 14/10/2010                                                                         :
: # Author: saudi0hacker                                                                     :  
: # Software Link:  http://resellscripts.info/index.php?route=product/product&product_id=137 :
: # Version: All version                                                                     :
: # Tested on: linux b0x                                                                     : 
: # Greetz to : All of my Friends                                                            :
----------------------------------------------------------------------------------------------

 [~] STEP 1 > Go to target link

     http://localhost/dataupload

 [~] STEP 2 > upload your shell as [shell.php.jpg :: or some times :: shell.php]

 [~] Th3 End