Easy File Uploader - Arbitrary File Upload

Author: Daniel Godoy
type: webapps
platform: php
port: 
date_added: 2017-04-27  
date_updated: 2017-04-27  
verified: 0  
codes:   
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 41944.txt  

# Exploit Title: Easy File Uploader  - Arbitrary File Upload
# Date: 27/04/2017
# Exploit Author: Daniel Godoy
# Vendor Homepage: https://codecanyon.net/
# Software Link: https://codecanyon.net/item/easy-file-uploader-php-multiple-uploader-with-file-manager/17222287
# Tested on: GNU/Linux
# GREETZ: Rodrigo Mouriño, Rodrigo Avila, #RemoteExecution Team


POC

Drop file php (shell.php) to upload.
access to http://poc_site/fileFolder/shell.php and enjoy!