| New User, Welcome! Login |
Re: Knowledgeroot (fckeditor) Remote Arbitrary File Upload Exploit
| From: |
Frank Habermann <lordlamer lordlamer de> |
| To: |
bugtraq securityfocus com |
| Cc: |
eidelweiss cyberservices com |
| Subject: |
Re: Knowledgeroot (fckeditor) Remote Arbitrary File Upload Exploit |
| Date: |
Wed - May 05, 2010 12:01 PM |
Hi,
> Restrict access to the
> extension/fckeditor/fckeditor/editor/filemanager/connectors/php/config.php
> script (e.g. via .htaccess)
>
> To Proof This Concept , The Script Remote c0de available here:
>
> http://www.inj3ct0r.com/exploits/12132
I have checked this and your proof of concept does not work for me!
And what should the config.php do? Their is no running code in it. Only a
configuration file.
regards,
Frank
|
|
|
Copyright © 1995-2012 LinuxRocket.net. All rights reserved.
Nearly all of LinuxRocket's features are free. Be kind and donate to the cause!
