header-logo
Suggest Exploit
vendor:
MySimpleFileUploader
by:
FormatXFormaT
7.5
CVSS
HIGH
Upload Shell Vulnerability
434
CWE
Product Name: MySimpleFileUploader
Affected Version From: V1.6
Affected Version To: V1.6
Patch Exists: Yes
Related CWE: N/A
CPE: MySimpleFileUploader
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009

MySimpleFileUploader V1.6 Upload Shell Vulnerability

MySimpleFileUploader V1.6 is vulnerable to an upload shell vulnerability. An attacker can exploit this vulnerability by changing the type of file to c99.php.sisx and uploading a malicious shell. This will allow the attacker to gain access to the server.

Mitigation:

The vendor has released a patch to address this vulnerability. Users should update to the latest version of MySimpleFileUploader.
Source

Exploit-DB raw data:

=-==-==-==-==-==-==-==T==K==R==D==-==-==-==-==-==-==-==-==-==-==-==-=
MySimpleFileUploader V1.6 Upload Shell Vulnerability

script: MySimpleFileUploader V1.6

Site script: http://phpx3.com


=-==-==-==-==-==-==-==T==K==R==D==-==-==-==-==-==-==-==-==-==-==-==-=

Found by: FormatXFormaT

contact: hun4r@yahoo.com

Forum: http://Tkurd.com

=-==-==-==-==-==-==-==T==K==R==D==-==-==-==-==-==-==-==-==-==-==-==-=

Dork:
"Powerd By MySimpleFileUploader V1.6"

=-==-==-==-==-==-==-==T==K==R==D==-==-==-==-==-==-==-==-==-==-==-==-=

Exploit:
step 1 : Change type file to c99.php.sisx

step 2 : Upload Your Shell

=-==-==-==-==-==-==-==T==K==R==D==-==-==-==-==-==-==-==-==-==-==-==-=

Video:
http://www.megaupload.com/?d=Z0R343KN

=-==-==-==-==-==-==-==T==K==R==D==-==-==-==-==-==-==-==-==-==-==-==-=

Special Thanks: Angry-Boy , Neo , All Tkurd Memebers.

=-==-==-==-==-==-==-==T==K==R==D==-==-==-==-==-==-==-==-==-==-==-==-=