The exploit describes an arbitrary file upload vulnerability in CMS Balitbang v3.3 due to the use of an outdated FCKeditor version. The vulnerability allows attackers to upload malicious PHP files by bypassing extension checks.
Classification
Writeup 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target:CMS Balitbang v3.3
No auth needed
Prerequisites:Access to the upload endpoint · Outdated FCKeditor configuration