37 lines
No EOL
1 KiB
Text
37 lines
No EOL
1 KiB
Text
'''
|
|
__ __ ____ _ _ ____
|
|
| \/ |/ __ \ /\ | | | | _ \
|
|
| \ / | | | | / \ | | | | |_) |
|
|
| |\/| | | | |/ /\ \| | | | _ <
|
|
| | | | |__| / ____ \ |__| | |_) |
|
|
|_| |_|\____/_/ \_\____/|____/
|
|
|
|
'''
|
|
|
|
|
|
|
|
Abysssec Inc Public Advisory
|
|
|
|
|
|
Title : AtomatiCMS Upload arbitrary file Vulnerability
|
|
Affected Version : AtomatiCMS 10_all
|
|
Discovery : www.abysssec.com
|
|
Vendor : http://www.atomaticsoftware.com
|
|
Download Links : http://sourceforge.net/projects/atomaticms/
|
|
|
|
|
|
Description :
|
|
===========================================================================================
|
|
This version of AtomatiCMS have Upload arbitrary file Vulnerability with fckEditor
|
|
in this Paths:
|
|
|
|
http://Example.com/FCKeditor/editor/filemanager/browser/default/connectors/test.html
|
|
http://Example.com/FCKeditor/editor/filemanager/upload/test.html
|
|
|
|
|
|
Which your files will be in this path:
|
|
.../UserFiles/
|
|
|
|
|
|
|
|
=========================================================================================== |