___ ___ __ / | \_____ | | _____ ___ ___________ / ~ \__ \ | |/ /\ \/ // __ \_ __ \ \ Y // __ \| < > <\ ___/| | \/ \___|_ /(____ /__|_ \/__/\_ \\___ >__| \/ \/ \/ \/ \/ :: Egy Coders Team Researcher /- Job Board => Arbitrary File Upload Vulnerability /- demo : http://www.jobscriptdemo.com /- Greetz : ExH , ProViDoR , Bright D@rk , Error Code , all team /- Proud To Be Egyptian ..... /- http://hakxer.blogspot.com/ * Hi every body * in this vulnerability you can upload any file you want .php .. etc * the script is job board from job script company we can upload shell into * board ok now look at steps * first goto http://host/path/register.php * and now sign in board * goto add CV Page here http://host/path/mycv.php * then go and upload shell file * click Upload CV * now go to - Click Here to view your CV - * like this http://host/path/accesscv.php?id=[randid] * shell uploaded successfully * you can test this vulnerability in demo user * email : demo * pass : demo *** notes : ** use it in your own risk ./be safe