Radiosnet Unrestricted Upload Vulnerability

2016.01.31

Credit: Jahesh Security Team

Risk: High

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

Dork: inurl:"nota" & inurl:"subir_foto.php"

 |*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*|
|--------------------------------------------------------------|
|[+] Exploit Title: Radiosnet Unrestricted Upload Vulnerability
|[+]
|[+] Exploit Author: Jahesh Security Team
|[+]
|[+] Vendor Homepage: radiosnet.com.ar
|[+]
|[+] Google Dork: inurl:"nota" & inurl:"subir_foto.php"
|[+]
|[+] Date: 29 Jan 2016
|[+]
|--------------------------------------------------------------|
|[+] Examples :
|[+]
|[+] Exploit: subir_foto.php
|[+]
|[+] http://www.fmulapes1051.com.ar/subir_foto.php
|[+]
|[+] http://www.fm10bolivar.com.ar/subir_foto.php
|[+]
|[+] http://www.fmdynamis.com.ar/subir_foto.php
|[+]
|[+] http://radiodenoticias.com.ar/subir_foto.php
|*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*|
|[+] Discovered By : Black Diamond
|[+]Thanks: Mr.Curse T!nk3r 2Dadash WereWolf98 Shayan72
|*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*|

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Radiosnet Unrestricted Upload Vulnerability

Dork: inurl:"nota" & inurl:"subir_foto.php"

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.