Advertisement






eerkan file upload script unvalidated file upload Vulnerability

CVE Category Price Severity
N/A CWE-434 $500 High
Author Risk Exploitation Type Date
eerkan High Remote 2019-04-18
CPE
cpe:cpe:/a:eerkan:file_upload_script
Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2019040173

Below is a copy:

eerkan file upload script unvalidated file upload Vulnerability
[+] Exploit Title ; eerkan file upload script unvalidated file upload Vulnerability

[+] Date : 2019-04-18

[+] Author : 0P3N3R FROM IRANIAN ETHICAL HACKERS

[+] Vendor Homepage : https://github.com/eerkan/FileUploader

[+] Version : 1.1

[+] Dork : N/A

[+] My Site : ...

[+] Tested On : windows 10 - kali linux 2.0

[+] Contact : [email protected]

[+] Description :

[!] Free file upload script.

[+] Poc : 

[!] You can upload any files for ex : svg - php - html and etc

[!] localhost/index.php

[!] your file path : http://localhost/uploads/yourfile



[+] Security Level :

[!] Med

[+] Exploitation Technique:

[!] Remote

[+] Request Method :

[!] POST

[+] Vulnerability Link :

[*] http://localhost/index.php

[+] Vulnerable File (s) :

[!] index.php


[+] Fix :

[!] Restrict user input or replace bad characters


[+] We Are : [+] 0P3N3R [+] 

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.