eform 3solutions Arbitrary File Upload

2020.04.10
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

################################################################### # Exploit Title : eform Arbitrary File Upload # Author [ Discovered By ] : EbRaHiM-VaKeR # Team : Iranonymous Team # Date : 2020/04/09 # Vendor Homepage : http://3solutions.cz/ # Tested On : Windows and Linux # Category : WebApps # Exploit Risk : High # Site: http://iranonymous.ir ################################################################### #Google Dork: inurl:/modules/eform/globals/upload/ (Use Your brain :v) ################################################################### # Example Vulnerable Sites : ************************* [+] https://www.safakian.com/modules/eform/globals/upload/ [+] https://parscms.com/modules/eform/globals/upload/ [+] http://novinpartco.com/modules/eform/globals/upload/ ################################################################### # Discovered By EbRaHiM-VaKeR from IranonymousTm 4min.x / Kaveh Turk / Mr JxRoot / J3N ###################################################################


Vote for this issue:
20%
80%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top