# # # # # # Exploit Title: PHP Product Designer Script - Arbitrary File Upload # Google Dork: N/A # Date: 30.01.2017 # Vendor Homepage: https://codecanyon.net/item/php-product-designer/19334412 # Software Buy: https://codecanyon.net/item/php-product-designer/19334412 # Demo: http://phpproductdesigner.000webhostapp.com/products.php # Version: N/A # Tested on: Win7 x64, Kali Linux x64 # # # # # # Exploit Author: Ihsan Sencan # Author Web: http://ihsan.net # Author Mail : ihsan[beygir]ihsan[nokta]net # # # # # # Exploit : # http://localhost/[PATH]/products.php / Create New Design # http://localhost/[PATH]/theme/images/uploads/[......PHP] # # # # # # uploadImage.php # # # # # # Iranian Exploit DataBase = http://IeDb.Ir [2017-02-02]