LionWiki 3.X (index.php) Shell Upload Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : LionWiki 3.X (index.php) Shell Upload Vulnerability
# Published : 2010-04-05
# Author : ayastar
# Previous Title : jevoncms (LFI/RFI) Multiple Vulnerabilities
# Next Title : ilchClan <= 1.0.5 (cid) SQL Injection Vulnerability & Exploit

# Exploit Title: LionWiki 3.X (index.php) upload shell
# Date: monday 05 april 2010
# Author: ayastar
# Software Link: http://lionwiki.0o.cz
# Version: 3.X
# Tested on: ubuntu 9.10 (english )
# CVE : [yes]
# Code : [exploit code]

hi brother's and all muslims
this is my first bug :)

dork : "powered by LionWiki "

exploit :

http://victim/path/index.php?action=upload
http://victim.com/path/?action=upload


ah (note)" you can't upload you're shell code if admin create password "

contacte my in
dmx-ayastar@hotmail.fr


cretz for alah and  all muslims and all hacker and all tryagian ( ayastar) :)