Design and Developed by TechSparkIT Limited Bangladesh Education Unauthorized Insert File Vulnerability

2018.11.12
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-264

#################################################################################################
# Exploit Title : Design and Developed by TechSparkIT Limited Bangladesh Education Unauthorized Insert File Vulnerability
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army
# Date : 13/11/2018
# Vendor Homepage : techsparkit.com
# Tested On : Windows and Linux
# Category : WebApps
# Google Dork :
#   intext:''Design and Developed by : TechSparkIT Ltd.'' site:edu.bd
#   intext:''Design and Developed By : TechSparkIT Limited'' site:edu.bd
#   intext:''Powered by : TechSparkIT Ltd.'' site:edu.bd
# Exploit Risk : Medium
# CWE : CWE-264 - [ Permissions, Privileges, and Access Controls ]
#################################################################################################
# Admin Panel Login Path :
#   /backend/web/login
#   /login
# Exploit :
#   /site/admission
#   + Fill in the Online Student Submission Form with random but correctly formatted values.
#   + After the form with your uploaded file is submitted, the site says:
#     Thank You ! Your application is now waiting for admin approval. You will get a sms after final approval.
#   + The upload location is not shown to the user; the file is stored under the directory paths below.
# Directory File Path :
#   /media/student/TARGETDOMAIN.edu.bd/[RANDOM-NUMBERS]_[YOURFILENAME.gif]
#   /media/father/[RANDOM-NUMBERS]_[YOURFILENAME.gif]
#   /media/mother/[RANDOM-NUMBERS]_[YOURFILENAME.gif]
#################################################################################################
# Example Vulnerable Sites :
# [+] istdiploma.edu.bd/site/admission => [ Proof of Concept for Vulnerability ] => archive.fo/VCfnk
# [+] cbiu.ac.bd/site/admission
# [+] npa.edu.bd/site/admission
# [+] dpti.edu.bd/site/admission
# [+] dpc.edu.bd/site/admission
# [+] uteiraj.edu.bd/site/admission
# [+] thenorth.edu.bd/site/admission
# [+] spiraj.edu.bd/site/admission
# [+] pirgonjpoly.edu.bd/site/admission
# [+] badarganjghs.edu.bd/site/admission
# [+] bhsd.edu.bd/site/admission
# [+] alfatah.edu.bd/site/admission
# [+] eastpoint.edu.bd/site/admission
# [+] dmacademy.edu.bd/site/admission
# [+] dhfs.edu.bd/site/admission
# [+] holyfaithbidyapith.edu.bd/site/admission
# [+] nurmhs.edu.bd/site/admission
# [+] novation.edu.bd/site/admission
# [+] newcambridge.edu.bd/site/admission
# [+] nalamsc.edu.bd/site/admission
# [+] mbkhschool.edu.bd/site/admission
# [+] lyceummacsc.edu.bd/site/admission
# [+] kalkinipghs.edu.bd/site/admission
# [+] jkgsc.edu.bd/site/admission
# [+] skham.edu.bd/site/admission
# [+] rainbowschool.edu.bd/site/admission
# [+] provideschool.edu.bd/site/admission
# [+] philosophia.edu.bd/site/admission
# [+] nvsc.edu.bd/site/admission
# [+] uttamschoolandcollegerangpur.edu.bd/site/admission
#################################################################################################
# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
#################################################################################################
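The weakness described above is that an unauthenticated form accepts a file, keeps the client's file name, and places it straight into a web-served directory (/media/student, /media/father, /media/mother) before any admin approval. The hardened upload handler below is an added example, not code from TechSparkIT or from this advisory; it assumes a generic web stack that hands the application the client-supplied file name and raw bytes, and the storage root, the three role names, the size cap and the "pending" directory are illustrative choices. It identifies the file by its content rather than its name, requires the claimed extension to agree with that content, stores the file under a random name outside the web root, and never overwrites an existing file.

```python
"""Hardened handling of an application-form photo upload (illustrative, not vendor code)."""
import os
import secrets
import tempfile
from pathlib import Path
from typing import Optional

# Accepted types, recognised by leading bytes rather than by the name the client sent.
MAGIC = {
    b"GIF87a": "gif",
    b"GIF89a": "gif",
    b"\x89PNG\r\n\x1a\n": "png",
    b"\xff\xd8\xff": "jpg",
}
MAX_BYTES = 2 * 1024 * 1024          # assumed policy: 2 MiB is plenty for a passport photo
ROLES = {"student", "father", "mother"}  # the three upload slots named in the advisory


class UploadRejected(ValueError):
    """Raised for any upload that fails validation; the caller returns a 4xx."""


def sniff_type(data: bytes) -> Optional[str]:
    """Return the canonical extension for the content, or None if it is not a known image."""
    for magic, ext in MAGIC.items():
        if data.startswith(magic):
            return ext
    return None


def validate_upload(client_name: str, data: bytes) -> str:
    """Accept only non-empty, size-capped images whose extension matches their content."""
    if not data or len(data) > MAX_BYTES:
        raise UploadRejected("empty or oversized upload")
    ext = sniff_type(data)
    if ext is None:
        raise UploadRejected("content is not a supported image")
    claimed = Path(client_name).suffix.lower().lstrip(".")
    claimed = "jpg" if claimed == "jpeg" else claimed
    if claimed != ext:
        raise UploadRejected(f"extension .{claimed} does not match content ({ext})")
    return ext


def store_pending(store_root: Path, role: str, client_name: str, data: bytes) -> Path:
    """Write the file under a random name in a non-web-served 'pending' tree.

    Nothing from the client (original file name, predictable counters) appears in the
    path, so the stored file cannot be located by guessing, and the pending tree is
    served to nobody until an administrator approves the application.
    """
    if role not in ROLES:
        raise UploadRejected("unknown upload role")
    ext = validate_upload(client_name, data)
    target_dir = store_root / "pending" / role
    target_dir.mkdir(parents=True, exist_ok=True)
    target = target_dir / f"{secrets.token_hex(16)}.{ext}"
    # O_EXCL: fail rather than overwrite; 0o600: readable by the application user only.
    fd = os.open(target, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
    return target


def run_examples() -> dict:
    """Run the validator over constructed sample uploads (not real files) and report outcomes."""
    samples = {
        "good_gif": ("photo.gif", b"GIF89a" + b"\x00" * 32),
        "good_png": ("photo.png", b"\x89PNG\r\n\x1a\n" + b"\x00" * 32),
        "text_as_gif": ("photo.gif", b"this is not an image at all"),
        "mismatch": ("photo.gif", b"\x89PNG\r\n\x1a\n" + b"\x00" * 32),
        "empty": ("photo.gif", b""),
    }
    results = {}
    for label, (name, data) in samples.items():
        try:
            results[label] = "ok:" + validate_upload(name, data)
        except UploadRejected as exc:
            results[label] = "rejected:" + str(exc)
    return results


def demo_store() -> dict:
    """Store one constructed GIF in a temporary root and check the storage properties."""
    root = Path(tempfile.mkdtemp(prefix="uploads-"))
    data = b"GIF89a" + b"\x00" * 32
    stored = store_pending(root, "student", "my photo.gif", data)
    return {
        "under_pending": stored.parent == root / "pending" / "student",
        "random_name": "my photo" not in stored.name and stored.suffix == ".gif",
        "owner_only": (stored.stat().st_mode & 0o777) == 0o600,
        "content_intact": stored.read_bytes() == data,
    }


if __name__ == "__main__":
    for label, outcome in run_examples().items():
        print(f"{label:12s} {outcome}")
    print(demo_store())
```

The approval step is where the page's workflow should control exposure: only an administrator's approve action copies a file from the pending tree into whatever directory is actually served, and even then under the random name, not the client's.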


Copyright 2019, cxsecurity.com