SpawCMS Editor Shell Upload Vulnerability

2010-01-07T00:00:00
ID SSV:15201
Type seebug
Reporter Root
Modified 2010-01-07T00:00:00

Description

No description provided by source.

                                        
                                            
                                                # Author: j4ck
# j4ck from elitehackers.pl [j4ck.root@gmail.com]
 
#######
 
just go to directory
 
http:/server/[path]/spaw/demo.php
then use image Upload, select all filetypes, and
You can upload your evil PHP code, for example phpshell.
 
Shell will be uploaded to selected directory.