# Exploit Title: Multiple File Attachments Mail Form Pro v2 - WebShell upload # Date: 16/02/2010 # Author: EgoPL # Mail: dplrip@gmail.com # Software Link: http://activeden.net/item/multiple-file-attachments-mail-form-prov2/31262 # Version: Pro V2 # Tested on: Arch Linux + Apache but it's OS independent. #Exploit: The webapp uploads the attachments of the mail with 777 permissions so you can upload a webshell and use it etc Code if(!is_dir("./files")) mkdir("./files", 0755); move_uploaded_file($_FILES['Filedata']['tmp_name'], "./files/".$_FILES['Filedata']['name']); chmod("./files/".$_FILES['Filedata']['name'], 0777); That's the EPIC fail. You only need to upload a webshell and enter to it in the folder files.