Re: Phorm v3.0 Remote File Upload Vulnerability




: # Phorm v3.0 Remote File Upload Vulnerability
:
: # ilker kandemir <ilkerkandemir[at]mynet.com>
:
:
: # Exploit: http://[site]/[phorm_path]/lib/fileupload.php [+]=====>> upload your shell.php
:
: # http://[site]/[phorm_path]/files/phpshell.php

This also won't work unless an administrator makes changes to
intentionally compromise the installation.

http://attrition.org/pipermail/vim/2007-July/001735.html