KCFinder 2.2 - Arbitrary File Upload

Author: saudi0hacker
type: webapps
platform: php
port: 
date_added: 2010-10-15 
date_updated: 2010-10-15 
verified: 0 
codes:  
tags: 
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.comkcfinder-2.2.tar.gz

: # Exploit Title: kcfinder 2.2 upload shell                                                 :
: # Date: 15/10/2010                                                                         :
: # Author: saudi0hacker                                                                     :
: # Software Link:  http://kcfinder.sunhater.com/                                            :
: # Version: 2.x                                                                             :
: # Tested on: linux b0x                                                                     :
: # Greetz to : All of my Friends                                                            :
----------------------------------------------------------------------------------------------

 [~] STEP 1 > Go to target link

     http://localhost/KCFinder/browse.php

 [~] STEP 2 > upload your shell as [shell.php.jpg]

 [~] Th3 End