Web File Manager - Arbitrary File Upload

2017.11.06
Credit: Misterklio
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

======================================= # Exploit Title : Web File Manager - Arbitrary File Upload # Date : 06/11/017 # Exploit Author: Misterklio # Tested on : Windows 7 # Contact : www.fb.com/izzadiine ======================================= ////////////////////// Dorks ////////////////////// 1) Search target with Google Dorking # intext:"Web File Manager" site:co.il ////////////////////// Admin Panel ////////////////////// 2) Poc : target.com:8000/Login ////////////////////// File To Upload ////////////////////// 3) Test : http://dyes.co.il:8000/Login ////////////////////// Default pw and user ////////////////////// User : web Password : 1 =======================================

References:

#Enjoy By Mister klio


Vote for this issue:
100%
0%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2017, cxsecurity.com

 

Back to Top