=================Memberkit 1.0 Remote File Upload================
Discovered By: Lo$er
After registered and logged in, a user can upload any type of file in "My Picture Album" where a picture would usually be uploaded.
For example, if the file "shell.php" was uploaded to somesite.com, its location would likely be
The location of the file can also easily be found by using your browser's "view image" function where the image would appear regularly.
lots of lub to (irc.)r00tsecurity.org and all of #r00tsecurity
# milw0rm.com [2009-01-01]