Simogeo Filemanager - Arbitrary File Upload

2017.12.10
ma Misterklio (MA) ma
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

########################################## # Exploit Title : Simogeo Filemanager - Arbitrary File Upload # vendor home : https://github.com/simogeo/Filemanager # Contact : https://www.facebook.com/izzadiine/ # Date : 11:41 PM 12/9/2017 # Exploit Author: Misterklio # Category: Webapps # Language: PHP # Tested on: windows 7 / FireFox ########################################## ################# Dorks ################## # Search target with Google Dorking # Dork : inurl:/js/filemanager/index.html ################ Poc ###################### Poc : /filemanager/index.html ################# Vuln Upload ############# # Exemple : https://ayalonmotors.co.il/js/filemanager/index.html #CO.IL http://www.durhamcityssp.org.uk/js/filemanager/index.html https://provincia.fermo.it/js/fileManager/index.html ########################################## # Enjoy Discovered by Mister klio ##########################################


Vote for this issue:
0%
100%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top