中国网络渗透测试联盟

标题: fckeditor漏洞 [打印本页]
作者: admin    时间: 2012-9-13 17:02
标题: fckeditor漏洞
/ y. X$ p5 t1 G' U% }. r9 U
fckeditor/editor/filemanager/browser/default/browser.html?Type=Image&Connector=connectors/asp/connector.asp
3 G5 a+ S! u6 e% o" Jhttp://www.china-photo-model.com ... aspx/connector.aspx
! s# A/ @  @$ T7 X* X1 {+ a: }3 X! @& z  @, ?6 v

5 Y- x. X5 c& G5 ^# n1 Hhttp://yeni.kadikoy.bel.tr/globa ... ctors/jsp/connector/ u; a$ F" ~: ?% E, f
2 Y+ o! B& R, z7 f% p7 c% z
1 V0 O! U! Q8 o

* l3 e1 S, p1 a) f  f# J
2 ~3 o5 b8 O+ I  g  z7 x" f+ o- T+ p/ b, V
查看配置和列出目录下的文件.
( p/ @# `' l- G7 q- R+ c) p7 x: R6 y, S, |) f  }% g3 C# w+ g) z8 K
# U, C* V) ~4 I  o6 {1 v( c5 e& t
http://www.xxx.com/fckeditor/edi ... p;CurrentFolder=%2F
7 y) \. a0 z; n2 Whttp://www.xxx.com/fckeditor/edi ... p;CurrentFolder=%2F
  j! d( Z5 _8 K/ k; s0 m" ~3 A. l
1 R% _1 k$ X7 i6 f上传地址:
) Q! L8 r. |' L, I  h% M/ D, x) C# u8 b; _3 m( r
http://www.xxx.com/fckeditor/edi ... p;CurrentFolder=%2F
$ H& s# a4 M7 B2 t% \http://www.xxx.com/fckeditor/edi ... ctors/jsp/connector    ../为根目录



欢迎光临 中国网络渗透测试联盟 (https://cobjon.com/) Powered by Discuz! X3.2