eerkan file upload script unvalidated file upload Vulnerability
CVE
Category
Price
Severity
N/A
CWE-434
$500
High
Author
Risk
Exploitation Type
Date
eerkan
High
Remote
2019-04-18
CPE
cpe:cpe:/a:eerkan:file_upload_script
Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2019040173 Below is a copy:
eerkan file upload script unvalidated file upload Vulnerability [+] Exploit Title ; eerkan file upload script unvalidated file upload Vulnerability
[+] Date : 2019-04-18
[+] Author : 0P3N3R FROM IRANIAN ETHICAL HACKERS
[+] Vendor Homepage : https://github.com/eerkan/FileUploader
[+] Version : 1.1
[+] Dork : N/A
[+] My Site : ...
[+] Tested On : windows 10 - kali linux 2.0
[+] Contact : [email protected]
[+] Description :
[!] Free file upload script.
[+] Poc :
[!] You can upload any files for ex : svg - php - html and etc
[!] localhost/index.php
[!] your file path : http://localhost/uploads/yourfile
[+] Security Level :
[!] Med
[+] Exploitation Technique:
[!] Remote
[+] Request Method :
[!] POST
[+] Vulnerability Link :
[*] http://localhost/index.php
[+] Vulnerable File (s) :
[!] index.php
[+] Fix :
[!] Restrict user input or replace bad characters
[+] We Are : [+] 0P3N3R [+]
Copyright ©2024 Exploitalert.
This information is provided for TESTING and LEGAL RESEARCH purposes only. All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy and Impressum