Bugtraq mailing list archives
Re: Phorm v3.0 Remote File Upload Vulnerability
From: security curmudgeon <jericho () attrition org>
Date: Fri, 7 Dec 2007 02:24:20 +0000 (UTC)
: # Phorm v3.0 Remote File Upload Vulnerability : : # ilker kandemir <ilkerkandemir[at]mynet.com> : : : # Exploit: http://[site]/[phorm_path]/lib/fileupload.php [+]=====>> upload your shell.php : : # http://[site]/[phorm_path]/files/phpshell.php This also won't work unless an administrator makes changes to intentionally compromise the installation. http://attrition.org/pipermail/vim/2007-July/001735.html
Current thread:
- Re: Phorm v3.0 Remote File Upload Vulnerability security curmudgeon (Dec 07)