elFinder 2.0 Upload File

Published
Credit
Risk
2017.04.04
3F-Team
Medium
CWE
CVE
Local
Remote
N/A
N/A
No
Yes

***************************************************
# Exploit Title: Upload shell or index
# Google Dork:"intitle:elFinder 2.0" "inurl:elfinder elfinder html"
# Date: 2/04/2017
# Author:sniperahmed972@gmail.com
# Facebook: https://www.facebook.com/Python1992
# Tested on: Win 10
***************************************************
DEMO :
http://sicofusion.com/var/ckeditor/elfinder/elfinder.html
http://fatherandsongolf.co.uk/library/elfinder/elfinder.html
http://is.buaa.edu.cn/Public/Admin/plugins/elfinder/elfinder.html
http://holycrosslcms.net/lib/elfinder/elfinder.html
***************************************************


See this note in RAW Version

 
Bugtraq RSS
Bugtraq
 
CVE RSS
CVEMAP
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn


Copyright 2017, cxsecurity.com