# AuraCMS 2.1 Remote File Upload Vulnerability # Vulnerability Researcher: k1tk4t frm Indonesia # Type : Remote # Buffer Overflow # Release Date : # 09-19-2007 # Author of this exploit: TaMbarUS {tambarus at gmail dot com} frm India # Risk : Critical # Usage : Firstly, register the victim web site. After, go to "/mod/contak.php" and upload any arbitary script here. # [+] Your malicious Script : scriptname.php.gif or scriptname.php.jpg or evilscriptname.php.png ########################################################### Greetz: Str0ke, todd, N3wTun, SnakeEyez, Parvez Musharaf ###########################################################