Iamma Simple Gallery 1.0/2.0 - Arbitrary File Upload

Author: x0r
type: webapps
platform: php
port: 
date_added: 2008-10-21 
date_updated: 2017-01-02 
verified: 1 
codes: OSVDB-49260;CVE-2008-6084 
tags: 
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.comIamma_Upload_1.0.zip

Found by: X0r
Iamma Simple Gallery Arbitrary File Upload
Version: 1,2 (?)
Email: evolutionteam.x0[at]gmail[dot]com
Script
Download:http://www.matteoiammarrone.com/public/modules.php?name=Downloads&d_op=getit&lid=4

Script Download
2:http://www.pierotofy.it/pages/download.php?filename=100p97q116r97s47t112a114i111f103g114h97n109o115l47m80b72c80d47e105u115v103z50p46q122r105s112t

Bug: There isn't any check for file extensions.

Exploit: http://[site]/[path]/upload.php


// X0r - EvolutionTeaM

# milw0rm.com [2008-10-22]