BigDump 0.35b - Arbitrary Upload

2014-03-24 19:05:06

[+] Arbitrary Upload on BigDump v0.35b
[+] Date: 23/03/2014
[+] Risk: High
[+] Author: Felipe Andrian Peixoto
[+] Vendor Homepage: http://www.ozerov.de/bigdump/
[+] Contact: [email protected]
[+] Tested on: Windows 7 and Linux
[+] Vulnerable File: bigdump.php
[+] Version: v0.35b
[+] Exploit : http://host/bigdump.php?start=
[+] PoC: http://dark-h.org/bigdump.php?start=

Note: allows upload files and shells with tamperdate.

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.