BLOG 1.55B (image_upload.php) Arbitrary File Upload Vulnerability

2008-12-22T00:00:00
ID SSV:10295
Type seebug
Reporter Root
Modified 2008-12-22T00:00:00

Description

No description provided by source.

                                        
                                            
                                                ################## Piker #######################################
#
#
#    BLOG v1.55B Arbitrary File Upload Vulnerability
#

#
#    Affected software: BLOG v1.55B prior versions can be affected

#    Vendor: http://sourceforge.net/projects/kafooeyblog/
#    Risk: High
#
################################################################

#

#    http://[target]/[path]/lib/image_upload.php
#
#   This script only checks if the file you are uploading
#   is not a text/plain file so you can upload whatever
#   you want, for example a PHP Shell.
#

#   
################################################################
#
#         Found by Piker [piker0x90(at)gmail(dot)com]
#
#            D.O.M Labs - Security Researchers
#                   www.domlabs.org

#
#
################################################################