EgO version 0.7b suffers from an arbitrary file upload vulnerability.
3487a54ca0443f8685195d81ed0a9b36d55373e90ce0b6e2c0f225d267481400##########################################################
#Title: EgO v0.7b (fckeditor) Remote File Upload
#Download: http://sourceforge.net/projects/vairux-ego/
##########################################################
#AUTHOR: ITSecTeam
#Email: Bug@ITSecTeam.com
#Website: http://www.itsecteam.com
#Forum : http://forum.ITSecTeam.com
#Original Advisory: www.ITSecTeam.com/en/vulnerabilities/vulnerability53.htm
#Thanks: r3dm0v3,Mehr@n.s,pejvak,am!rkh@n
##########################################################
#DESCRIPTION (by vendor):#################################
EgO is a PHP script that makes easier the set up and administration of a
website.
EgO supports customizable skins and modules that would be designed to fit specific
needs.EgO features a new WYSIWYG editor (FCKEditor), dynamic RSS 2.0
Syndication, etc..
#POC:#####################################################
http://site.com/FCKEditor/editor/filemanager/browser/ default/connectors/test.html
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed