Just Follow These Steps :
This is the vulnerability similar to FCK Editor file upload vulnerability which allows you to upload your and or shell on the target website.
Google Dork: "Portail Dokeos 1.8.5"
Vulnerable URL: http://website/patch/main/inc/lib/fckeditor/editor/filemanager/upload/test.html
Goto :http://website/patch/main/inc/lib/fckeditor/editor/filemanager/upload/test.html
Now under:
| Select the "File Uploader" to use Change the type from ASP to PHP. Choose your file. Click on Send it to the Server to upload your file. |
error" After the uploading process. In the right hand side see the Uploaded File
URL. From there see your uploded file
0 comments:
Post a Comment