♺ Google is the best teacher ♺ | University of Gunadarma IT ☺

EgO 0.7b arbitrary file upload


##########################################################
#Title: EgO v0.7b (fckeditor) Remote File Upload
#Download: http://sourceforge.net/projects/vairux-ego/
##########################################################
#AUTHOR: ITSecTeam
#Email: Bug@ITSecTeam.com
#Website: http://www.itsecteam.com
#Forum : http://forum.ITSecTeam.com
#Original Advisory: www.ITSecTeam.com/en/vulnerabilities/vulnerability53.htm
#Thanks: r3dm0v3,Mehr@n.s,pejvak,am!rkh@n
##########################################################





#DESCRIPTION (by vendor):#################################


EgO is a PHP script that makes the setup and administration of a website easier.
EgO supports customizable skins and modules that would be designed to fit specific needs. EgO features a new WYSIWYG editor (FCKEditor), dynamic RSS 2.0 Syndication, etc.





#POC:#####################################################


http://site.com/FCKEditor/editor/filemanager/browser/default/connectors/test.html


References: http://securityreason.com/wlb_show/WLB-2010050089
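
Added example (not part of the original advisory or of ITSecTeam's material): a defender-side check that scans web server access logs for requests to the connector directory named in the PoC URL. The log layout, the severity labels and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote

# Directory from the advisory's PoC URL. Compared in lower case because the
# case of the "FCKEditor" directory can differ between installs (assumption).
CONNECTOR_DIR = "/fckeditor/editor/filemanager/browser/default/connectors/"

# Apache/nginx common or combined log format (assumed log layout).
LOG_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

def classify(line):
    """Return (severity, host, method, path, status), or None if not relevant."""
    m = LOG_RE.match(line)
    if not m:
        return None
    # Drop the query string, decode %xx escapes and collapse duplicate slashes,
    # so "/FCKEditor//editor/%66ilemanager/..." is still recognised.
    path = re.sub(r"/+", "/", unquote(m["target"].split("?", 1)[0])).lower()
    if CONNECTOR_DIR not in path:
        return None
    status = int(m["status"])
    if m["method"] == "POST" and 200 <= status < 300:
        severity = "high"    # a connector accepted a POST: possible upload
    elif path.endswith("/connectors/test.html") and 200 <= status < 300:
        severity = "medium"  # the test page from the PoC is reachable
    else:
        severity = "low"     # request was blocked or hit a missing file
    return (severity, m["host"], m["method"], path, status)

def scan(lines):
    """Classify every line and return the findings, most severe first."""
    order = {"high": 0, "medium": 1, "low": 2}
    hits = [h for h in map(classify, lines) if h]
    return sorted(hits, key=lambda h: order[h[0]])

# Constructed sample lines (documentation IP ranges, made-up connector name).
SAMPLE = [
    '192.0.2.10 - - [12/May/2010:10:01:02 +0000] "GET /index.php HTTP/1.1" 200 5120',
    '198.51.100.7 - - [12/May/2010:10:02:11 +0000] "GET /FCKEditor/editor/filemanager/browser/default/connectors/test.html HTTP/1.1" 200 3187',
    '198.51.100.7 - - [12/May/2010:10:02:40 +0000] "POST /fckeditor//editor/%66ilemanager/browser/default/connectors/example/connector?x=1 HTTP/1.1" 200 211',
    '203.0.113.5 - - [12/May/2010:10:05:00 +0000] "GET /FCKEditor/editor/filemanager/browser/default/connectors/test.html HTTP/1.1" 404 196',
]

if __name__ == "__main__":
    print(*scan(SAMPLE), sep="\n")
```

A "medium" or "high" finding means the connector directory is being served; removing the test page or denying web access to that directory closes the exposure.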
 
