SpawCMS Editor – Arbitrary File Upload

• Exploit Database
• 118 阅读

• 作者： j4ck
  日期： 2010-01-06
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/11045/
• 1 2 3 4 5 6 7 8 9 10 11 12 13

  # Author: j4ck # j4ck from elitehackers.pl [j4ck.root@gmail.com]   #######   just go to directory   http:/server/[path]/spaw/demo.php then use image Upload, select all filetypes, and You can upload your evil PHP code, for example phpshell.   Shell will be uploaded to selected directory.