[+] Arbitrary Upload on jQuery/PHP

[+] Date: 23/06/2014

[+] Risk: High

[+] CWE Number : CWE-264

[+] Author: Felipe Andrian Peixoto

[+] Vendor Homepage: http://rafaelcouto.com.br/upload-dinamico-com-php-jquery/#sthash.uVv21WU9.dpuf

[+] Contact: felipe_andrian@hotmail.com

[+] Tested on: Windows 7 and Linux

[+] Dork: "Upload dinâmico com jQuery/PHP"

[+] Exploit : http://host/patch/upload.php

[+] PoC: 

http://www.agendavisual.com/php/uploads_multiplos_1_modific/upload.php
http://www.agendavisual.com/php/uploads_multiplos_1_modific/uploads/e3b334538b7fc18a74286412bc388010.txt

http://lagodoy.no-ip.biz/projetos/lagodoy/upload_dinamico/upload.php
http://lagodoy.no-ip.biz/projetos/lagodoy/upload_dinamico/uploads/03cd4c9a05c8b2a4b2ede68a7b4a5fdb.txt

http://estatistica.br/caem/mostra2013/formularios/upload_comprovante.php
http://estatistica.br/caem/mostra2013/formularios/uploads/573437f23846bacf89c7e37193cfd224.txt