Memberkit 1.0 Remote File Upload

2008-12-31T00:00:00
ID PACKETSTORM:73488
Type packetstorm
Reporter Lo$er
Modified 2008-12-31T00:00:00

Description

                                        
=================================================================  
=================Memberkit 1.0 Remote File Upload================  
=================================================================  
  
Vendor: http://www.memberkit.com/  
Discovered: 12-30-08  
Discovered By: Lo$er  
Dork: "Powered by MemberKit"  
  
====Exploit====  
  
After registering and logging in, a user can upload any type of file in "My Picture Album", where a picture would usually be uploaded.   
For example, if the file "shell.php" was uploaded to somesite.com, its location would likely be  
  
http://somesite.com/uploads/pictures/pictures/[user]/[picture number]_shell.php   
  
The location of the file can also easily be found by using your browser's "view image" function where the image would normally appear.   
  
===<3===  
lots of lub to (irc.)r00tsecurity.org and all of #r00tsecurity  
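A server-side check that closes the gap described above, as an added example (not Memberkit's code and not part of the original advisory): the stored file type is decided from the file's content against an image allowlist, and the client-supplied name never reaches the filesystem. The function names, the size limit and the random-token naming are assumptions; only the `[picture number]_` prefix follows the path shown in the advisory.

```python
import secrets

# Allowlist of leading magic bytes -> the only extensions ever written to disk.
IMAGE_SIGNATURES = {
    b"\xff\xd8\xff": "jpg",
    b"\x89PNG\r\n\x1a\n": "png",
    b"GIF87a": "gif",
    b"GIF89a": "gif",
}
MAX_BYTES = 5 * 1024 * 1024  # assumed limit, not from the advisory

# Constructed sample inputs.
PHP_SAMPLE = b"<?php /* constructed sample */ ?>"
PNG_SAMPLE = b"\x89PNG\r\n\x1a\n" + b"\x00" * 32


class UploadRejected(Exception):
    """Raised when an upload is not an allowed image."""


def sniff_image_type(data: bytes):
    """Return the extension for recognised image content, else None."""
    for magic, ext in IMAGE_SIGNATURES.items():
        if data.startswith(magic):
            return ext
    return None


def stored_name(picture_number: int, client_filename: str, data: bytes) -> str:
    """Build the on-disk name for a picture-album upload (hypothetical helper).

    client_filename is used only in the error message: neither its base name
    nor its extension reaches the filesystem.
    """
    if not data or len(data) > MAX_BYTES:
        raise UploadRejected("empty or oversized upload")
    ext = sniff_image_type(data)
    if ext is None:
        raise UploadRejected(f"not an allowed image: {client_filename!r}")
    return f"{picture_number}_{secrets.token_hex(8)}.{ext}"


if __name__ == "__main__":
    for name, data in (("shell.php", PHP_SAMPLE), ("shell.php", PNG_SAMPLE)):
        try:
            print(name, "->", stored_name(1, name, data))
        except UploadRejected as exc:
            print(name, "-> rejected:", exc)
```

Content sniffing only decides the stored extension; the upload directory should additionally be configured so the web server never executes scripts from it.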