• info
• discussion
• exploit
• solution
• references

Mail-it Now! Upload2Server Arbitrary File Upload Vulnerability

No exploit is required.

The following proof of concept URI is available:
http://www.example.com/uploads/[time() result]-[PHPfilename]

The following exploit is available:

• /data/vulnerabilities/exploits/Mail-it-Now-expl.php