################################################################################################# # Exploit Title : Developed by Rate it Services Business Solutions Mājas lapu izstrāde FCKeditor Remote File Upload Vulnerability # Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army # Date : 23/06/2018 # Vendor Homepage : rate.lv # Tested On : Windows # Category : WebApps # Exploit Risk : Medium # CWE : CWE-264 [ Permissions, Privileges, and Access Controls ] ################################################################################################# # Title : Developed by Rate Business Solutions Mājas lapu izstrāde Latvia FCKeditor Remote File Upload Vulnerability # Google Dorks : intext:''Developed by: RATE Business Soltuions'' intext:''Developed By: Mājas lapu izstrāde'' intext:''Developed by: RATE IT SERVICES'' # Exploit : /jscripts/editor/filemanager/connectors/uploadtest.html # Path : /allfiles/... ################################################################################################# # Example Sites : behold.lv/jscripts/editor/filemanager/connectors/uploadtest.html hotelsinpl.com/jscripts/editor/filemanager/connectors/uploadtest.html bhyper.com/jscripts/editor/filemanager/connectors/uploadtest.html ################################################################################################# # Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team #################################################################################################