Advertisement
CVE | Category | Price | Severity |
---|---|---|---|
Not specified | CWE-79 | Not disclosed | High |
Author | Risk | Exploitation Type | Date |
---|---|---|---|
Not specified | High | Remote | 2018-12-26 |
CVSS | EPSS | EPSSP |
---|---|---|
CVSS:4.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 0.02192 | 0.50148 |
*************************************************** # Exploit Title: Simple Upload dan Download File Cross Site Scripting ( XSS ) Vulnerability # Google Dork: inurl:/download.php "Tgl. Upload" # Exploit: /upload.php # Date: 26/12/2018 # Author: 0N3R1D3R # Team: Indonesia To World Team # Tested on: Windows 10 x64 *************************************************** [+] Search the dork in Google [+] Exploit the site with /upload.php [+] Give your payload xss and upload docx file or other [+] Success? Look at /download.php *************************************************** [+] Demo Site [+] http://muhammadsyarif.my.id/ti15e1/upload.php [+] http://www.spareparttruk.com/data/upload.php [+] http://www.ifaupdate.com/upload.php *************************************************** [+] Proof Of Concept [+]http://cvindomedia.com/login/donlodsimwasda/download.php *************************************************** Thanks To Indonesia To World Team
Copyright ©2024 Exploitalert.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.