Ckfinder remote file Upload Vulnerability

2010-10-04T00:00:00
ID 1337DAY-ID-14323
Type zdt
Reporter Net.Edit0r
Modified 2010-10-04T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            =========================================
Ckfinder remote file Upload Vulnerability
=========================================

#Author: Net.Edit0r

#Dork : inurl:"/ckfinder/ckfinder.html"


#Software Link: http://www.ckfinder.com/

#Platform :linux/php

#Exploit : http://target.com

#http://target.com/[path]/ckfinder/ckfinder.html

#Select the "Upload" To use = txt . xml . exe . mp3 . and ..

#http://target.com/[path]/ckfinder/ckfinder.html

#File : http://target.com/[path]/ckfinder/userfiles/files/Name File

#OR

#http://target.com/[path]/ckfinder/files/Name File

Demo : http://www.tenants.bc.ca/ckfinder/ckfinder.html

Demo : http://www.strichacht.at/libs/ckfinder/ckfinder.html

########################################### Iranian HackerZ
##############################################
#
#
# Spical Thanks To : Darkcoder ~ H-SK33PY ~ S3Ri0uS ~ b3hz4d ~ Classic
~ AmIr-MaGic
#
#
# Greetz : Ashiyane.Org ~ Datacoders.Org ~ Houseofhackers.Net #Ibh
#
##########################################################################################################



#  0day.today [2018-01-11]  #