Remote File Inclusion/Upload Vulnerability on phUploader

phUploader is a very simple script for uploading one or many files or images to your website. You can specify the file types accepted, file size and even control the file name. This script was build with PHP5 in mind and is not platform dependant. This script is very useful for temporary file storage or simple forum signature and avatar hosting.

We already discussed about Google Dork For "Remote File Inclusion" in previous post, Now let we see Remote File Inclusion/Upload Vulnerability on phUploader

Steps :
                         http://{site.com}/ path/upload.php
                         http://site.com/upload.php

Example:
http://fidelityprintquick.com/phUploader.php