Bugtraq mailing list archives
Re: Knowledgeroot (fckeditor) Remote Arbitrary File Upload Exploit
From: Frank Habermann <lordlamer () lordlamer de>
Date: Wed, 5 May 2010 21:28:01 +0200
Hi,
Restrict access to the extension/fckeditor/fckeditor/editor/filemanager/connectors/php/config.php script (e.g. via .htaccess) To Proof This Concept , The Script Remote c0de available here: http://www.inj3ct0r.com/exploits/12132
I have checked this and your proof of concept does not work for me! And what should the config.php do? Their is no running code in it. Only a configuration file. regards, Frank
Current thread:
- Knowledgeroot (fckeditor) Remote Arbitrary File Upload Exploit eidelweiss (May 05)
- Re: Knowledgeroot (fckeditor) Remote Arbitrary File Upload Exploit Frank Habermann (May 06)