Plumcloud Image Browser File Upload

2022-07-11 / 2022-07-12

L4663r666h05t (ID)

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

====================================================
Exploit Title: Plumcloud Image Browser File Upload
Exploit Author: L4663r666h05t
Twitter: https://twitter.com/L4663r666h05t
Vendor Homepage: https://plumcloud.com
Dork: "©2014 PlumCloud. All Rights Reserved."
Exploit: /_common_CS_v6/aspx/ckeditor/ImageBrowser.aspx
====================================================

Then try
http://mail.mhc.com.mt/_common_CS_v6/aspx/ckeditor/ImageBrowser.aspx

Demo Target:
mail.mhc.com.mt
mail.plumcloud.com
mx01.cbuzu.com
mx01.maltait.com
mx01.melitaunipol.com
mx01.muia.com.mt
mx01.muib.com.mt
plumcloud.com
plumcloud.net

File/Images path: /uploads/ckeditor/images/yourfile.jpg

====================================================
indonesian hacker 2014
====================================================

See this note in RAW Version

Vote for this issue:

100%

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

Plumcloud Image Browser File Upload

Dork: "©2014 PlumCloud. All Rights Reserved."

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Plumcloud Image Browser File Upload

Dork: "©2014 PlumCloud. All Rights Reserved."

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.