Monoblog upload file

2017.06.22
Credit: iranonymous
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

====================================================== # Exploit Title: Monoblog upload file vulnerability # Google Dork: intext:" تمامی حقوق محفوظ و مربوط به “ مونوبلاگ ” می باشد " # Vendor Homepage: http://monoblog.ir/ # Date: 2017-06-19 # Author: iranonymous # Tested on: Win 7, Linux *************************************************** # First registered on monoblog site Http://monoblog.ir/index.php?url=register Log in to the settings section Http://monoblog.ir/index.php?url=setting&us=1 You can reset your loop through the Tempier DataTeam plugin File path upload : Http://www.monoblog.ir/blog/thumbnails/Your File . ====================================================== # Proof in the zone : Http://zone-h.org/mirror/id/25492986 ===================================================== # Thanks to : ~~> MR.Khatar || Blackwolf_Iran ||Ormazd || ll_azab-siyah_ll ||Sh@d0w ||Hellish_PN (mamad khodesh) ||Shdmehr || # Iranian Anonymous # Discovered By: Saman.Khan

References:

iranonymous


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2017, cxsecurity.com

 

Back to Top