Eduha Meeting php shell upload Vulnerabilities

2006-06-18T00:00:00
ID SECURITYVULNS:DOC:13235
Type securityvulns
Reporter Securityvulns
Modified 2006-06-18T00:00:00

Description

Eduha Meeting php shell upload Vulnerabilities

Site:http://eduha.forever.kz/ Demo:http://nextlevel.astrakhan.ru/meeting/


Example:

http://victim/path/index.php?act=add

add photo(upload php phpshell)

Bug Video: http://www.biyosecurity.be/video/meeting.rar

Credit :Liz0ziM Website:www.biyo.tk,www.biyosecurity.be Mail :liz0@bsdmail.com


Source: http://www.blogcu.com/Liz0ziM/716541/ http://biyosecurity.be/bugs/meeting.txt http://liz0zim.no-ip.org/meeting.txt