CVE-2005-0613

This exploit demonstrates an arbitrary file upload vulnerability in Nuke ET <= 3.4 due to improper MIME type validation in the FCKeditor component. It uploads a malicious PHP file disguised as a ZIP file and provides a remote shell.

This exploit leverages an authentication bypass vulnerability in InoutMailingListManager <= 3.1 to upload a malicious PHP file, execute arbitrary commands, and retrieve database credentials. It demonstrates a multi-step attack chain involving directory traversal, file upload, and command execution.