phpAdBoard suffers from an arbitrary file upload vulnerability.
0aba44bc76b4c145f87ad365915ce683.......................................................................
****(remote shell upload)****
script: phpAdBoard
***************************************************************************
download from:http://www.w2b.ru/download/phpAdBoard.zip
***************************************************************************
www.site.com/path/index.php
shell: www.site.com/path/photoes/number_shell.php
-----------------------------------------------------------------------------------------
dork:"powered by phpAdBoard"
if folder photoes is forbidden
after get upload file u do right-click and see image properties and u see address file.
------------------------------------------------------------------------------------------
**************************************************
Author: ahmadbady
**************************************************
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed
Comments
No comments yet, be the first!