ProfileCMS 1.0 - Remote File Upload Vulnerability Shell Upload Exploit

2007-10-29T00:00:00
ID EDB-ID:4586
Type exploitdb
Reporter r00t@zapak.com
Modified 2007-10-29T00:00:00

Description

ProfileCMS 1.0 Remote File Upload Vulnerability Shell Upload Exploit. CVE-2007-5720. Webapps exploit for php platform

                                        
                                            ProfileCMS v1.0 Shell Upload Exploit

Demo : http://slrate.com/

You can direct upload PHP shell instead of image while creating profile  at this script, For example http://slrate.com/profiles here you can direct upload shell instead of images.

Dorks :

"Total Generators & Widgets"
"Powered By ProfileCMS v1.0"

# milw0rm.com [2007-10-29]