[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Max's File Uploader File Upload Vulnerability
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: Max's File Uploader File Upload Vulnerability
- From: xcross87@xxxxxxxxx
- Date: 15 Jan 2008 15:12:26 -0000
# Max's File Uploader File Upload Vulnerability
# Homepage: http://www.phpf1.com/
# Download: http://www.phpf1.com/download.html?item=9
# Dork: intitle:"Max's File Uploader" (maybe ^^)
# Found by : Xcross87 | xcross87.info | hcegroup.net
Simply upload a shell (*.php), it will be stored in the same level.
# Example:
http://[site]/[path]/index.php
Upload a shell: xshell.php
-> http://[site]/[path]/xshell.php
[^$^] Enjoy !
# - by Xcross87 - #