ProfileCMS 1.0 Remote File Upload Vulnerability Shell Upload Exploit

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : ProfileCMS 1.0 Remote File Upload Vulnerability Shell Upload Exploit
# Published : 2007-10-29
# Author : r00t@zapak.com
# Previous Title : MySpace Resource Script (MSRS) 1.21 RFI Vulnerability
# Next Title : JobSite Professional 2.0 file.php Remote SQL Injection Vulnerability

ProfileCMS v1.0 Shell Upload Exploit

Demo : http://slrate.com/

You can direct upload PHP shell instead of image while creating profile  at this script, For example http://slrate.com/profiles here you can direct upload shell instead of images.

Dorks :

"Total Generators & Widgets"
"Powered By ProfileCMS v1.0"

# www.Syue.com [2007-10-29]