Advertisement
CVE | Category | Price | Severity |
---|---|---|---|
CVE-2021-24403 | CWE-434 | $5,000 | High |
Author | Risk | Exploitation Type | Date |
---|---|---|---|
Seyi Only | Critical | Remote | 2020-08-23 |
CVSS | EPSS | EPSSP |
---|---|---|
CVSS:4.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H | 0.02192 | 0.50148 |
# Exploit Title: E-Learning Madrasah 2.0 - Arbitary File Upload # Google Dork: intitle:E-Learning Madrasah - Halaman Login # Exploit Author: Gh05t666nero # Date: 2020-08-23 # Vendor Homepage: https://elearning.kemenag.go.id/ # Software Link: https://elearning.kemenag.go.id/ # Version: v2.0 # Category: Webapps # Tested on: LAMP for Linux # # Description: The page located at `https://learning.target.sch.id/__statics/ckdrive/ckfinder.html` suffers from a Arbitary File Upload vulnerability. # # #----------------------------------------------------------- # # Vulnerable Page: https://learning.target.sch.id/__statics/ckdrive/ckfinder.html # Demo: http://elearning.mawalisongo.sch.id/__statics/ckdrive/ckfinder.html # File: http://elearning.mawalisongo.sch.id/__statics/gudangsoal/files/Zero-Day.txt #-----------------------------------------------------------
Copyright ©2024 Exploitalert.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.