We already discussed about "Remote File
Inclusion/Upload Vulnerability on phUploader
" in previous post, Today we are going to discuss about Remote File
Inclusion/Upload Vulnerability On RTE Webwiz.
Web Wiz Rich Text Editor (RTE) is a free WYSIWYG HTML RTE that replaces standard text areas with an advanced Word-style HTML
Using this tool you can change any text area on your site into an HTML area with real-time WYSIWYG formatting. Useful for
many purposes from basic submission forms to advanced CMS (Customer Management Systems).
(Click on the image to view in full size)
1. Go to Google and Enter anyone of dork from below :
2. Select any website from search result, Exploit site looks like below link
3. Now you will see a screen like above image,In that you can upload your file
4. You can see your file link after upload link.
5. Done!! "
!! Thank You !!