Exploit JustBoil TinyMCE Images Upload Unrestricted #issue


#-Title: Exploit JustBoil TinyMCE Images Upload Unrestricted #issue
#-Author: Goginho
#-Date: 10/31/2015
#- Vendor : justboil
#- Link Download : github. com/vikdiesel/justboil. me
#- Tested on : Trusty Tahr / ubuntu
#- Fixed in ??
==========================================================================

Proof Of Concept :

[#] Google Dork: 
intext:"{#jbimages_dlg.select_an_image}"
inurl:"/plugins/jbimages/"

[#] Vulnerability / Exploit : "/public/js/tiny_mce/plugins/jbimages/dialog.htm"

[#] When Vulnerable :



This is just issue, problably u can exploited this plugin.

Shell Acces ? hmm .. 

Tidak ada komentar

Diberdayakan oleh Blogger.