Mini File Host 1.x - Arbitrary '.PHP' File Upload

Author: Pouya_Server
type: webapps
platform: php
port: 
date_added: 2008-12-17 
date_updated:  
verified: 1 
codes: OSVDB-54242;CVE-2008-6785 
tags: 
aliases:  
screenshot_url:  
application_url: 

#########################################################
---------------------------------------------------------
Portal Name: Mini File Host
Version: All version
Vendor : http://www.galaxyscripts.com
Dork: inurl:index.php?page=img Powered By Mini File Host
Author : Pouya_Server , Pouya.s3rver@Gmail.com
Vulnerability : (Uploader Bypass)
---------------------------------------------------------
#########################################################
[Mime Check Bypass]:
create a file called name.php and fill it as below:
----------
GIF89aP;
[shell]
----------
Save and upload !

[Video]:
http://pouya2006.persiangig.com/UploadVideo/minifile.rar
---------------------------------

# milw0rm.com [2008-12-18]