Vendor: Max's File Uploader
By: S2K9
CVSS: 9.3 (HIGH)
Remote File Upload
CWE: 434
Product Name: Max's File Uploader
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP SP2
2010
Max’s File Uploader
Max's File Uploader has a remote file upload vulnerability. An attacker can upload a malicious file to the server and use it to gain access to the server. Vulnerable websites can be found with the Dork, after which the exploit uploads the malicious file. The uploaded file is then reachable at the path maxFileUpload/shell.php.
Mitigation:
The website should enforce authentication and authorization on the upload function so that unauthorized users cannot upload files. It should also validate the type of every uploaded file so that malicious files are rejected.
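The two mitigations above, sketched as a PHP upload handler. This is an added example, not code from Max's File Uploader; the allowlist, the `/var/uploads` directory (assumed to sit outside the web root), the `file` form field and the `user_id` session key are all hypothetical.

```php
<?php
declare(strict_types=1);
// Added example, not Max's File Uploader code. ALLOWED, UPLOAD_DIR, MAX_BYTES,
// the 'file' form field and the 'user_id' session key are hypothetical.
const ALLOWED = ['jpg' => 'image/jpeg', 'png' => 'image/png', 'pdf' => 'application/pdf'];
const UPLOAD_DIR = '/var/uploads';   // assumed to sit outside the web root
const MAX_BYTES = 5 * 1024 * 1024;

// Returns the server-chosen name to store the file under, or throws.
function stored_name_for(string $clientName, string $tmpPath): string
{
    // Only the final extension counts, so "shell.php" is refused and
    // "shell.php.jpg" is judged as a .jpg and must really be a JPEG.
    $ext = strtolower(pathinfo($clientName, PATHINFO_EXTENSION));
    if (!array_key_exists($ext, ALLOWED)) {
        throw new RuntimeException('extension not allowed');
    }
    // Sniff the content; never trust the client-sent $_FILES[...]['type'].
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($tmpPath);
    if ($mime !== ALLOWED[$ext]) {
        throw new RuntimeException('content does not match extension');
    }
    if (filesize($tmpPath) > MAX_BYTES) {
        throw new RuntimeException('file too large');
    }
    // Random name: the client never controls the stored path or extension.
    return bin2hex(random_bytes(16)) . '.' . $ext;
}

session_start();
if (empty($_SESSION['user_id'])) {          // authentication gate
    http_response_code(403);
    exit('login required');
}
$f = $_FILES['file'] ?? null;
if ($f === null || $f['error'] !== UPLOAD_ERR_OK || !is_uploaded_file($f['tmp_name'])) {
    http_response_code(400);
    exit('no valid upload');
}
try {
    $name = stored_name_for($f['name'], $f['tmp_name']);
    if (!move_uploaded_file($f['tmp_name'], UPLOAD_DIR . '/' . $name)) {
        throw new RuntimeException('could not store file');
    }
    echo 'stored as ', htmlspecialchars($name);
} catch (RuntimeException $e) {
    http_response_code(422);
    exit('rejected: ' . $e->getMessage());
}
```

Content sniffing alone can be fooled by a file that is valid as two formats at once, so keeping the storage directory outside the web root (or configured so nothing in it is executed) is what stops an accepted file from running as a script.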