*=============================================================| |A Exploit Title:A CMS_Nuked-Kla File Upload Vulnerability | |A Exploit Author: Ashiyane Digital Security Team | |A Vendor HomePage: https://github.com/Nuked-Klan/CMS_Nuked-Klan | |A Download Link : https://github.com/Nuked-Klan/CMS_Nuked-Klan/archive/develop_1.8.zip | |A Version : V 1.8 | |A Dork : index of:"filemanager/dialog.php" | |A Tested on:A Kali Linux | |A Date: 1 /3 / 2017 *=============================================================| |A Vulnerability Path : http://127.0.0.1/CMS_Nuked-Klan-develop_1.8/media/tinymce/plugins/filemanager/dialog.php |A Vulnerability Path : http://127.0.0.1/6/CMS_Nuked-Klan-develop_1.8/media/filemanager/dialog.php |A Vulnerability Method :GET *===========================| |A Proof : | |A http://arksun.com/plugins/tinymce/filemanager/dialog.php |A https://www.mygolfballdrop.com/static/plugins/filemanager/dialog.php |A http://www.globalasset-group.com/wwwassets/libraries/filemanager/dialog.php |A http://www.gracegospelcommission.org/filemanager/dialog.php |A http://www.visiun.fr/lib/filemanager/dialog.php *===========================| |A Vulnerability description *===: |A This page allows visitors to upload files to the server. |A Various web applications allow users to upload files (such as images, html, ...). |A Uploaded files may pose a significant risk if not handled correctly. |A A remote attacker could send a multipart/form-data POST request |A with a specially-crafted filename or mime type and execute arbitrary code. *=============================================================| | Discovered By : M.R.S.L.Y *=============================================================|A