Exploit JustBoil TinyMCE Images Upload Unrestricted #issue
#-Title: Exploit JustBoil TinyMCE Images Upload Unrestricted #issue
#-Author: Goginho
#-Date: 10/31/2015
#- Vendor : justboil
#- Link Download : github. com/vikdiesel/justboil. me
#- Tested on : Trusty Tahr / ubuntu
#- Fixed in ??
==========================================================================
Proof Of Concept :
[#] Google Dork:
intext:"{#jbimages_dlg.select_an_image}"
inurl:"/plugins/jbimages/"
[#] Vulnerability / Exploit : "/public/js/tiny_mce/plugins/jbimages/dialog.htm"
[#] When Vulnerable :
This is just issue, problably u can exploited this plugin.
Shell Acces ? hmm ..
Post a Comment