S9Y Serendipity 1.5.4 - Arbitrary File Upload



EKU-ID: 21966 CVE: OSVDB-ID:
Author: pentesters.ir Published: 2010-12-21 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home 


In The Name Of GOD
[+] Exploit Title:remote 0day file upload
[+] Date: 2010
[+] script:Serendipity 1.5.4
[+] Software Link: http://www.s9y.org/12.html
[+] Author  : pentesters.ir
[+]discovered by:ahmadbady
[+] Contact : kivi_hacker666@yahoo.com
[+] Website : WwW.PenTesters.IR
[+] Greeting: Behzad, navid, ...
[+]dork:"Powered by s9y"  and  "Powered by serendipity"
----------------------------------------------------------------------------
up:
/path/htmlarea/plugins/ExtendedFileManager/manager.php

shell:
/htmlarea/plugins/ExtendedFileManager/demo_images/shell.php.gif
------------------------------------------------------------------------------