Turkish Meb.Gov.tr Subdomains Upload File Vulnerability

2018.03.26
tr God3err (TR) tr
Risk: High
Local: No
Remote: Yes
CVE: N/A
CWE: N/A
Dork: site:meb.gov.tr intext:/ucretliogretmenlik/

Turkish Meb.Gov.tr Subdomains Upload File Vulnerability ------------------------------------------------------------- Version One : Step 1 Open the page and sign up random turkish citizenship number Step 2 Rename index.html to index.jpg,index.jpg.html Step 3 Click upload button and select index file Success E.g : http://sisli.meb.gov.tr/ucretliogretmenlik/ http://silivri.meb.gov.tr/ucretliogretmenlik/ Version Two : Step 1 Open the page and click "2017-2018 Eğitim-Öğretim Yılı Ücretli Öğretmenlik Başvuru Formu" Step 2 sign up random turkish citizenship number,name... Step 3 Click upload button and select index file (index.html,index.jpg.html,index.jpg etc.) Success E.g : http://sultangazi.ucretliogretmen.xyz/basvuru/sgbasvuru2017.php http://arnavutkoy.ucretliogretmen.xyz/basvuru/abasvuru2017.php ☭ God3err ☭


See this note in RAW Version
Vote for this issue:
55%
45%

Comment it here.
Copyright 2025, cxsecurity.com

 

Back to Top