# title: Compactcms 1.4.0 (tiny_mce) remote file upload
# edb-id: 12613
# cve-id: ()
# osvdb-id: ()
# author: Itsecteam
# published: 2010-05-15
# verified: No
# download exploit code
# download n/a
view source
print?
################################################## ########
#title: Compactcms 1.4.0 (tiny_mce) remote file upload
#vendor:
http://www.compactcms.nl/
################################################## ########
#author: Itsecteam
#email:
bug@itsecteam.com
#website:
http://www.itsecteam.com
#forum :
http://forum.itsecteam.com
#original advisory:
http://www.itsecteam.com/en/vulnerab...rability52.htm
#thanks: R3dm0v3, pejvak, am!rkh@n
################################################## ########
#description (by vendor):#################################
compactcms might just be the tenth cms you considered using for your website.
If that's true, ask yourself why you haven't found the right &@#&@#&@#&@#&@#&@#&@#
management
system just yet. Compactcms is light-weight, truly efficient and fully
ajax loaded.
#poc:############################################# ########
http://site.com/admin/includes/tiny_mce/plugins/
tinybrowser/upload.php