header-logo
Suggest Exploit
vendor:
myPHPupload
by:
ViRuSMaN
8.8
CVSS
HIGH
Remote File Upload
434
CWE
Product Name: myPHPupload
Affected Version From: 2000.5.1
Affected Version To: 2000.5.1
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
N/A

myPHPupload 0.5.1 Remote File Upload Vulnerability

myPHPupload 0.5.1 is vulnerable to a remote file upload vulnerability. An attacker can upload a malicious file to the server by exploiting this vulnerability. The attacker can then access the uploaded file by visiting the directory where the file was uploaded.

Mitigation:

The application should validate the file type before allowing it to be uploaded. The application should also restrict the file size and the file name.
Source

Exploit-DB raw data:

##############################################################
|
| myPHPupload 0.5.1 Remote File Upload Vulnerability
|
| Author : [ViRuSMaN]
|
| Contact : [v.-m@live.com]
|
| Home : [Islam-Attack.CoM , HackTeach.OrG]
|
| Download : [http://www.graphiks.net/telecharger/myPHPupload.zip]
|
##############################################################
|
|
| Exp :
|
| 1- Uoload your shell format "shell.php"
|
| 2- Go to The Pwd target.com/path/rep_secret/
|
| 3- Found name your shell
|
##############################################################