MyNews Arbitrary File Upload Vuln

[o] MyNews Arbitrary File Upload Vulnerability

Software : MyNews 1.6.5
Vendor :
Dork : "Powered by MyNews"
Author : NoGe

[o] Exploit


// SECURITY: You must explicitelly enable this "uploader".

$Config['Enabled'] = true ;


in the "File Uploader" section, select "PHP"
browse file u want to upload and click "Send it to the Server"
if the file uploaded with no error, u will see the file path in "Uploaded File URL"


[o] PoC

2 Responses so far.

  1. Pretty good post, this is one of the best articles that I have ever seen !
    uk essay

  2. Your blog is excellent. Let me inform u one thing that post have become most up-to-date and vital source of quality free information.
    Custom Dissertations