B-Hind CMS (tiny_mce) Remote File Upload

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : B-Hind CMS (tiny_mce) Remote File Upload
# Published : 2010-05-18
# Author : innrwrld and h00die
# Previous Title : TS Special Edition <= v.7.0 Multiple Vulnerabilities
# Next Title : Webloader v7 - v8 ( vid ) SQL Injection Vulnerability

####################################################
#Title: B-Hind CMS (tiny_mce) Remote File Upload
#Vendor: http://www.b-hind.eu/
####################################################
#AUTHOR: innrwrld & h00die
####################################################

#DESCRIPTION (by vendor):###########################
B-interference Lite is a simple CMS for *small websites*. Ideal for local
merchants or organizations. The content of page can be adjusted by*a simple
double click* on the text or title in question. bijmaken a page and / or
removal is easy to use buttons on the website menu.The system is naturally*
multilingual*.

#POC:###############################################
http://site.com/admin/includes/tiny_mce/plugins/tinybrowser/upload.php

#[EOF]