BLOG 1.55B image_upload.php Arbitrary File Upload Vulnerability

2008-12-21T00:00:00
ID EDB-ID:7537
Type exploitdb
Reporter Piker
Modified 2008-12-21T00:00:00

Description

BLOG 1.55B (image_upload.php) Arbitrary File Upload Vulnerability. CVE-2008-5732. Webapps exploit for php platform

                                        
                                            ################## Piker #######################################
#
#
#    BLOG v1.55B Arbitrary File Upload Vulnerability
#

#
#    Affected software: BLOG v1.55B prior versions can be affected

#    Vendor: http://sourceforge.net/projects/kafooeyblog/
#    Risk: High
#
################################################################

#

#    http://[target]/[path]/lib/image_upload.php
#
#   This script only checks if the file you are uploading
#   is not a text/plain file so you can upload whatever
#   you want, for example a PHP Shell.
#

#   
################################################################
#
#         Found by Piker [piker0x90(at)gmail(dot)com]
#
#            D.O.M Labs - Security Researchers
#                   www.domlabs.org

#
#
################################################################

# milw0rm.com [2008-12-21]