Advertisement






Online Lawyer Booking Solutions - GOCOURT v1.0 WebShell Upload

CVE Category Price Severity
N/A CWE-434 $500 High
Author Risk Exploitation Type Date
Unknown High Remote 2019-06-28
Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2019060145

Below is a copy:

Online Lawyer Booking Solutions - GOCOURT v1.0 WebShell Upload
/*!
* ::- Title: Online Lawyer Booking Solutions - GOCOURT v1.0 WebShell Upload
* ::- Author: m0ze
* ::- Date: 2019/05/01
* ::- Software: Online Lawyer Booking Solutions - GOCOURT v1.0
*/
  
::- Details & Description -::
~ WebShell upload capability was discovered in the Online Lawyer Booking Solutions - GOCOURT. Current version of this web-application is 1.0.

::- Demo Website -::
~ https://codecanyon.net/item/gocourt-find-a-lawyer/17787763
~ Frontend: http://demo.gocourt.in
~ Backend: http://demo.gocourt.in/admin
~ Login / Password: admin / admin

::- Special Note -::
~ Stored XSS Injections is possible too, but it's not really interesting.

::- Google Dork -::
~ -

::- PoC Links -::
~ http://demo.gocourt.in/admin/uploads/
~ http://demo.gocourt.in/admin/uploads/up-up.php
~ http://demo.gocourt.in/admin/uploads/up-dir.php
~ http://demo.gocourt.in/admin/images/user-image.php

::- PoC [WebShell Upload] -::
~ Go to the demo website http://demo.gocourt.in/admin and log in with provided credentials (admin / admin). Then go to the:
1 - Edit Profile page http://demo.gocourt.in/admin/welcome/editprofile_view and use the Display Image field for .php file upload;
2 - Webinfo Details page http://demo.gocourt.in/admin/Settings/index and use the Logo field for .php file upload;
3 - View Customers Details page http://demo.gocourt.in/admin/Customer_Controller/index and use the Professional Photograph field for .php file upload (create a new profile or edit any existed).

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.