Plumcloud Image Browser File Upload

2022-07-11 / 2022-07-12
id L4663r666h05t (ID) id
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A
Dork: "©2014 PlumCloud. All Rights Reserved."

==================================================== Exploit Title: Plumcloud Image Browser File Upload Exploit Author: L4663r666h05t Twitter: https://twitter.com/L4663r666h05t Vendor Homepage: https://plumcloud.com Dork: "©2014 PlumCloud. All Rights Reserved." Exploit: /_common_CS_v6/aspx/ckeditor/ImageBrowser.aspx ==================================================== Then try http://mail.mhc.com.mt/_common_CS_v6/aspx/ckeditor/ImageBrowser.aspx Demo Target: mail.mhc.com.mt mail.plumcloud.com mx01.cbuzu.com mx01.maltait.com mx01.melitaunipol.com mx01.muia.com.mt mx01.muib.com.mt plumcloud.com plumcloud.net File/Images path: /uploads/ckeditor/images/yourfile.jpg ==================================================== indonesian hacker 2014 ====================================================


See this note in RAW Version
Vote for this issue:
100%
0%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top