PHPAuctionSystem registration file upload vulnerability-vulnerability warning-the black bar safety net

2010-06-22T00:00:00
ID MYHACK58:62201027318
Type myhack58
Reporter 佚名
Modified 2010-06-22T00:00:00

Description

·PHPAuctionSystem registration file upload vulnerability

PHPAuctionSystem registered members sign in the presence of arbitrary file upload vulnerability. Step 1: register as a user:)

Step 2: Go to the/visit the sell item option

Demo URL: http:// www.hack58.com/ select_category.php it?

Step 3: Upload a PHP Backdoor

Step 4: check your project to get the shell's address. Demo URL: http:// www.hack58.com / sell.php:)

Publishing author: Sid3^effects aKa HaRi Affected versions: Image Store V 1.0 Official address: http://www.phpauctions.info