Doksoft Uploader CSRF File Upload

2023.12.03
id L4663r666h05t (ID) id
Risk: High
Local: No
Remote: Yes
CVE: N/A
CWE: N/A
Dork: inurl:/doksoft_uploader/userfiles/

Dork: inurl:/doksoft_uploader/userfiles/ Author: L4663r666h05t Thanks: Bivokids - Manadoghost - Indonesian Code Party Exploit: /doksoft_uploader/uploader.php?type=Files CSRF post files: files[] Allowed files extension: 7z, aiff, asf, avi, bmp, csv, doc, docx, fla flv, gif, gz, gzip, jpeg, jpg, mid, mov, mp3 mp4, mpc, mpeg, mpg, ods, odt, pdf, png, ppt pptx, pxd, qt, ram, rar, rm, rmi, rmvb, rtf sdc, sitd, swf, sxc, sxw, tar, tgz, tif, tiff txt, vsd, wav, wma, wmv, xls, xlsx, zip Path File: /doksoft_uploader/userfiles/files.jpg CSRF: http://v1.exploits.my.id/?tools=csrf


See this note in RAW Version
Vote for this issue:
66%
34%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top