################################################## joomla FreiChat upload shell ##################################################  # Exploit Title :joomla FreiChat upload shell  # Google Dork: inurl:/freichat/client/   #Exploit : http://site.com/path/freichat/client/plugins/upload/html.php   #Author: BHG Security Center  # Home: http://cc.black-hg.org/ - http://greyh4t.com/cc/  # Tested on: [linux+apache]  # Finder(s):Siavash (morghabi_s@yahoo.com)  # Examle: http://www.royal-eagles.fr/freichat/client/plugins/upload/html.php http://www.impact-gaming.us/freichat/client/plugins/upload/html.php http://central-churchofchrist.com/installed/directory/freichat/client/plugins/html.php http://bcua.wcp.co.at/freichat/client/plugins/upload/html.php http://www.iloveubon.com/freichat/client/plugins/upload/upload/html.php  ################################################## [-] Disclosure timeline: [04/08/2011] - Vulnerabilities discovered [14/10/2011] - Others vulnerabilities discovered [15/10/2011] - Issues reported to http://black-hg.org/ [04/09/2012] - Public disclosure # Greets To : Net.Edit0r ~ A.Cr0x ~ 3H34N ~ G3n3Rall ~ l4tr0d3ctism ~ NoL1m1t ~ Mr.XHat THANKS TO ALL Iranian HackerZ ./Persian Gulf ===========================================[End]=============================================