NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 2010-02

Tavanmand Portal (fckeditor) Remote Arbitrary File Upload Vulnerability

infosecuritylab.ir
Date: Sun Jan 31 2010 - 01:46:16 CST

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

#################################################################
# Securitylab.ir
#################################################################
# Application Info:
# Name: Tavanmand Portal
# version: 1.1
# Vendor: http://www.tavanmand.ir
#################################################################
Vulnerability:
http://site.ir/fckeditor/editor/filemanager/upload/test.html

Uploaded file here http://site.ir/UserFiles/FILE.ASPX
#################################################################
# Discoverd By: Pouya Daneshmand
# Website: http://securitylab.ir
# Contacts: info[at]securitylab.ir & whh_iranyahoo.com
###################################################################

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]