DoraCMS File Upload Vulnerability

Published
Credit
Risk
2017.01.01
Ashiyane Digital Security Team
High
CWE
CVE
Local
Remote
N/A
N/A
No
Yes

|*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*|
|=============================================================|
|[+] Exploit Title: Dora CMS File Upload Vulnerability
|[+]
|[+] Exploit Author: Ashiyane Digital Security Team
|[+]
|[+] Download Link : https://github.com/doramart/DoraCMS
|[+]
|[+] Vendor : http://www.html-js.cn/document___Ek7skiaw
|[+]
|[+] Tested on: Kali Linux
|[+]
|[+] Date: 12 /29 / 2016
|=============================================================|
|[+] Method :GET
|[+] Vuln Path : http://127.0.0.1/DoraCMS-master/views/manage/addContent.ejs
|[+] Vuln Path : http://127.0.0.1/DoraCMS-master/views/manage/addPlugs.ejs
|[+] Vuln Path : http://127.0.0.1/DoraCMS-master/views/manage/addSliderAds.ejs
|[+] Vuln Path : http://127.0.0.1/DoraCMS-master/views/manage/addSliderImgs.ejs
|[+]
|*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*|
|[+] Discovered By : M.R.S.L.Y
|*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*|


See this note in RAW Version

 
Bugtraq RSS
Bugtraq
 
CVE RSS
CVEMAP
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn


Copyright 2017, cxsecurity.com