Advertisement






eerkan file upload script unvalidated file upload Vulnerability

CVE Category Price Severity
N/A CWE-434 $500 High
Author Risk Exploitation Type Date
eerkan High Remote 2019-04-18
CPE
cpe:cpe:/a:eerkan:file_upload_script
Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2019040173

Below is a copy:

eerkan file upload script unvalidated file upload Vulnerability
[+] Exploit Title ; eerkan file upload script unvalidated file upload Vulnerability

[+] Date : 2019-04-18

[+] Author : 0P3N3R FROM IRANIAN ETHICAL HACKERS

[+] Vendor Homepage : https://github.com/eerkan/FileUploader

[+] Version : 1.1

[+] Dork : N/A

[+] My Site : ...

[+] Tested On : windows 10 - kali linux 2.0

[+] Contact : [email protected]

[+] Description :

[!] Free file upload script.

[+] Poc : 

[!] You can upload any files for ex : svg - php - html and etc

[!] localhost/index.php

[!] your file path : http://localhost/uploads/yourfile



[+] Security Level :

[!] Med

[+] Exploitation Technique:

[!] Remote

[+] Request Method :

[!] POST

[+] Vulnerability Link :

[*] http://localhost/index.php

[+] Vulnerable File (s) :

[!] index.php


[+] Fix :

[!] Restrict user input or replace bad characters


[+] We Are : [+] 0P3N3R [+]

Copyright ©2024 Exploitalert.

This information is provided for TESTING and LEGAL RESEARCH purposes only.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy and Impressum