facebook facebook twitter rss

XENForo Arbitrary File Upload

Author: bRpsd , Published: 13-08-2014
Script ==> XENForo
Type ==> Arbitrary File Upload
Script Download ==> https://github.com/zenazn/hax/blob/master/avatar.php
Founder : bRpsd & Spyn3t
Dorks ====> inurl:avatar.php?User=&
Dork2 ====> inurl:avatar.php?User=& intext:Your current avatar:


Upload Shell & Bypass ..
Files will be found in the following path:

/images/avatars/uploaded/SHELL.PHP


Enjoy ~!

Like us on Facebook :