[webapps] Easy File Uploader - Arbitrary File Upload

EDB-ID: 41944
Author: Daniel Godoy
Published: 2017-04-27
CVE: N/A
Type: Webapps
Platform: PHP
Vulnerable App: N/A

 # Date: 27/04/2017 
# Exploit Author: Daniel Godoy
# Vendor Homepage: https://codecanyon.net/
# Software Link: https://codecanyon.net/item/easy-file-uploader-php-multiple-uploader-with-file-manager/17222287
# Tested on: GNU/Linux
# GREETZ: Rodrigo Mouriño, Rodrigo Avila, #RemoteExecution Team


POC

Drop file php (shell.php) to upload.
access to http://poc_site/fileFolder/shell.php and enjoy!

Related Posts