Eduha Meeting php shell upload Vulnerabilities

Site:http://eduha.forever.kz/

Demo:http://nextlevel.astrakhan.ru/meeting/

----------------------------------------------------

Example:

http://victim/path/index.php?act=add

add photo(upload php phpshell)

Bug Video: http://www.biyosecurity.be/video/meeting.rar

-----------------------------------------------------

Credit :Liz0ziM

Website:www.biyo.tk,www.biyosecurity.be

Mail :liz0 (at) bsdmail (dot) com [email concealed]

------------------------------------------------------

Source:

http://www.blogcu.com/Liz0ziM/716541/

http://biyosecurity.be/bugs/meeting.txt

http://liz0zim.no-ip.org/meeting.txt

[ reply ]