[+] Exploit Title ; ava blog Insecure Direct Object References Vulnerability
[+] Date : 2017-12-10
[+] Author : 0P3N3R From IRANIAN ETHICAL HACKERS
[+] Vendor Homepage : http://www.avablog.ir/
[+] Dork : intext:"کلیه حقوق و امتیازات کد نویسی و قالب متعلق به آوابلاگ می باشد ."
[+] Tested On : windows 10 - kali linux 2.0
[+] Contact : https://telegram.me/WebServer
[+] Description :
[!] Ava Blog is a tool for creating free blogs.
[!] Using this vulnerability, You can see the names of the blogs that use the Ava Blog.
[!] You can also view the files uploaded by blog administrators.
[!] Vulnerable Url :
[!] http://blogname.avablog.ir/upload/
[!] For Ex : http://mahsapie.avablog.ir/upload/