Open Journal Systems Arbitrary File Upload

tr Emyounoone (TR) tr
Risk: Medium
Local: No
Remote: Yes

# Title: Open Journal Systems Arbitrary File Upload # Author: Emyounoone # Google Dork: /index.php/journal # Date: 29/10/2021 # Vendor Homepage (Example): # Tested on: Kali Linux | Cyberfox # Vulnerable Path: index.php/journal/ Exploit: You can upload a webshell onn using this exploit Firstly register as a writer on Open Journal Systems (OJS) and login it. After that you need to be a report a submission. While you are uploading a new submission you can upload a academical file on the web server. You can upload every file type on this part After you upladed a webshell : example:$$$call$$$/api/file/file-api/download-file?fileId=302&revision=1&submissionId=---114---&stageId=1 The result might be like this. After copy this link and paste anywhere: As we know submissionId=---114 is our file id : 114 (This is variable) You can acces your shell part using this id: Result Example: If you succeeded you can acces your shell

Vote for this issue:


Thanks for you vote!


Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2021,


Back to Top