uploadcare File Upload vulnerability

2017.05.14

sohaip-hackerDZ (DZ)

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

Dork: inurl:"/uploadcare/"

# Exploit Title    : uploadcare File Upload vulnerability
# Exploit Author: sohaip-hackerDZ
# Date              : 2017-05-12
# DORK           : inurl:"/uploadcare/"
# Vendor Homepage: https://uploadcare.com/
# Tested on      : linux mint
#
# [+] Exploit       : http://127.0.0.1/path/uploadcare/dialog.php
#
#################################################################################
#
#  [+] Demo :
#
#  http://www.cyprium.co.uk/ckeditor_pre/plugins/uploadcare/dialog.php
#
# [+] File Location :https://ucarecdn.com/22a791f9-0eef-467f-90e3-e2589bc809f7/
#
#################################################################################
# fp       >> https://www.facebook.com/sohaipbarika/
# forum    >> http://www.spyhackerz.com/forum/
# web site >> http://www.tools-hack.com/
# Discovered By: sohaip-hackerDZ 
 

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

uploadcare File Upload vulnerability

Dork: inurl:"/uploadcare/"

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.