Portail Dokeos vulnerability is a Kind of FCK editor remote file upload vulnerability
in this vulnerability hacker can upload a shell. deface page or any file on website without admin username and password
Google Dork< : “Portail Dokeos 1.8.5”
Exploit :http://website/patch/main/inc/lib/fckeditor/editor/filemanager/upload/test.html
Goto :
[You must be registered and logged in to see this link.] chnage asp into PHP like FCK editor and Upload you deface shell or file, You can upload, .html .php .jpg .txt formats here
To view your uploaded file go here :
[You must be registered and logged in to see this link.] file here
Live Demo :
[You must be registered and logged in to see this link.]Other websites For practice
[You must be registered and logged in to see this link.]