Limny 1.01 - Arbitrary File Upload

EDB-ID:

11377

CVE:


EDB Verified:

Author:

JIKO

Type:

webapps

Exploit:   /  

Platform:

PHP

Date:

2010-02-09

Vulnerable App: 
----------[exploit Debut]
[Remote File Upload Vulnerability]
----------[Script Info]

Moi    : JIKO
Site    : No-exploit.Com
Email    : :(

----------[Script Info]

Site:http    : limny.org

----------[exploit Info]

1]~[3 Action]
    the first setup register if the register active
http://server/Path/
    the second setup go to edit your  avatar
http://server/limny/uajax.php?page=avatar&id=[ your ID or id for a member you can change here avatar]
    now go to
path/uploads/[your file || jawa.php]

----------[Thanks]
  HxH, Cyb3r-DeViL, The Sadhacker, kasper,  SkuLL-HacKeR Member No-exploit.Com,all friends
----------[exploit Fin]
Tags:
Advisory/Source: Link
Databases Links Sites Solutions
Exploits Search Exploit-DB OffSec Courses and Certifications
Google Hacking Submit Entry Kali Linux Learn Subscriptions
Papers SearchSploit Manual VulnHub OffSec Cyber Range
Shellcodes Exploit Statistics Proving Grounds
Penetration Testing Services
Exploits Google Hacking Papers Shellcodes
Search Exploit-DB Submit Entry SearchSploit Manual Exploit Statistics
OffSec Kali Linux VulnHub
Courses and Certifications Learn Subscriptions OffSec Cyber Range Proving Grounds Penetration Testing Services