Re: Phorm v3.0 Remote File Upload Vulnerability

[security curmudgeon <jericho () attrition org>]

: # Phorm v3.0  Remote File Upload Vulnerability
: 
: # ilker kandemir <ilkerkandemir[at]mynet.com>
: 
: 
: # Exploit: http://[site]/[phorm_path]/lib/fileupload.php           [+]=====>> upload your shell.php
: 
: # http://[site]/[phorm_path]/files/phpshell.php

This also won't work unless an administrator makes changes to 
intentionally compromise the installation.

http://attrition.org/pipermail/vim/2007-July/001735.html