BLOG 1.55B - 'image_upload.php' Arbitrary File Upload

Author: Piker
type: webapps
platform: php
port: 
date_added: 2008-12-20 
date_updated: 2017-01-06 
verified: 1 
codes: OSVDB-50876;CVE-2008-5732 
tags: 
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.comblog-1.55b.zip

################## Piker #######################################
#
#
#    BLOG v1.55B Arbitrary File Upload Vulnerability
#

#
#    Affected software: BLOG v1.55B prior versions can be affected

#    Vendor: http://sourceforge.net/projects/kafooeyblog/
#    Risk: High
#
################################################################

#

#    http://[target]/[path]/lib/image_upload.php
#
#   This script only checks if the file you are uploading
#   is not a text/plain file so you can upload whatever
#   you want, for example a PHP Shell.
#

#
################################################################
#
#         Found by Piker [piker0x90(at)gmail(dot)com]
#
#            D.O.M Labs - Security Researchers
#                   www.domlabs.org

#
#
################################################################

# milw0rm.com [2008-12-21]