Bug: Uber Uploader 4.2 Arbitrary File Upload Vulnerability ( Ascii Version )

Search:
WLB2

Uber Uploader 4.2 Arbitrary File Upload Vulnerability

Published
Credit
Risk
2007.01.09
Gamma Security Team
High
CWE
CVE
Local
Remote
N/A
CVE-2007-0123
No
Yes

CVSS Base Score
Impact Subscore
Exploitability Subscore
6.8/10
6.4/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++
|
|Uber Uploader 4.2 Arbitrary File Upload Vulnerability
|Gamma Security Team
|www.nullak.com
|www.gammahack.com
|Discovered:Null
|Official Site:http://sourceforge.net/projects/uber-uploader
|Download Link:http://belnet.dl.sourceforge.net/sourceforge/uber-uploader/Uber-Upl
oader_4.2.zip
|Risk:High
|Type:Arbitrary File Upload Vulnerability
|Vuln:
|1-First Rename Your shell.php to shell.phtml then upload it and use it
|(This Script Do Not Allow To Upload php But U Can Upload phtml File)
|
|
|Contact:null_hack (at) yahoo (dot) com [email concealed]
|
|Gr33tz to : All Iranian Hackerz

See this note in TXT Version

Bugtraq RSS
Bugtraq
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn
 
CVE RSS
CVEMAP

Copyright 2014, cxsecurity.com
Ascii Version