Web Wiz Rich Text Editor version 3.0 getshell vulnerability

ID MYHACK58:62201236181
Type myhack58
Reporter Anonymous
Modified 2012-12-16T00:00:00


I recently came across this editor while working on foreign sites, so I am recording it here.

Address: http://target/RTE_popup_file_atch.asp

  1. Any file can be uploaded; no upload-success message is shown, but the file has been uploaded.

  2. If the new version restricts the uploaded file, this can be combined with a parsing vulnerability in the web server version to get a shell, because the uploaded file is not renamed.

Well, that completes the record.
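Both points above come down to the server storing whatever name and type the client sends. As an added example (not part of the original note and not Web Wiz code), this Python sketch shows the matching server-side control: allowlist the extension, discard the client-supplied name, store the file under a generated name, and audit an existing upload directory for files that were never renamed. The allowlist, function names and sample file names are assumptions constructed for illustration.

```python
import re
import secrets

# Assumed policy for this sketch: the only attachment types accepted.
ALLOWED_EXTS = {"pdf", "txt", "png", "jpg", "zip"}
# Shape of every name generated below: 32 hex chars, one dot, one extension.
STORED_NAME_RE = re.compile(r"^[0-9a-f]{32}\.([a-z0-9]+)$")
# Conservative character set accepted in a client-supplied name.
CLIENT_NAME_RE = re.compile(r"[A-Za-z0-9 _.-]+")


def stored_name_for(client_name: str) -> str:
    """Return a server-generated name for an upload, or raise ValueError."""
    # Drop any directory part, whichever separator the client used.
    base = re.split(r"[\\/]", client_name)[-1]
    if not CLIENT_NAME_RE.fullmatch(base):
        raise ValueError("illegal characters in file name")
    stem, dot, ext = base.rpartition(".")
    ext = ext.lower()
    if not dot or not stem or ext not in ALLOWED_EXTS:
        raise ValueError("file type not allowed")
    # Nothing from the client-controlled stem survives into the stored name,
    # so the web server never parses an attacker-chosen file name.
    return f"{secrets.token_hex(16)}.{ext}"


def audit_upload_dir(names):
    """Return the names in an upload directory that were not renamed."""
    flagged = []
    for name in names:
        m = STORED_NAME_RE.match(name)
        if m is None or m.group(1) not in ALLOWED_EXTS:
            flagged.append(name)
    return flagged


if __name__ == "__main__":
    # Constructed sample inputs.
    print(stored_name_for("C:\\Users\\a\\notes.v2.PDF"))
    print(audit_upload_dir(["0" * 32 + ".png", "upload.asp", "Report Final.pdf"]))
```

The upload directory should also be configured so the web server serves its contents as static files only; renaming alone does not cover a file type the allowlist wrongly admits.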