greeting card remote Upload File vulnerability-vulnerability warning-the black bar safety net

ID MYHACK58:62201027264
Type myhack58
Reporter 佚名
Modified 2010-06-17T00:00:00


greeting card program the presence of a remote file upload vulnerability, a registered user login you can upload a php executable code.

Google Dork : "Send amazing greetings to your friends and relative!"

trojandownloader :

First register and the site and go to upload the cards (after registration to upload)

After you have uploaded your shells , you will find it in this Path :


demo : http://server/cards/1275663706_thumb_oujda.php