Exploit Nova CMS - Directory Traversal

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
18403
Проверка EDB
  1. Пройдено
Автор
RED SECURITY TEAM
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
null
Дата публикации
2012-01-21
Код:
# 
# Title     : Nova CMS Directory Travel
# Author    : Red Security TEAM
# Date      : 21/01/2012
# Download  : http://www.nova-cms.com/uploads/files/novacms.zip
# Tested On : CentOS
# Dork      : Copyright ©2005-2011 by Nova CMS.
# Contact   : Info [ 4t ] RedSecurity [ d0t ] COM
# Home      : http://RedSecurity.COM
#
# Exploit   :
# 
# 1. Register
# 2. Go to forum and click on "NEW TOPIC"
# 3. In the above tab in editor click on last picture "Attach File"
# 4. Start Live HTTP headers
# 5. Add a new allowed file
# 6. Find dir=uploads%2Fforum%2Fdata-YourUsername2F&options=true&ajax=true and click on Reply on Live HTTP headers
# 7. Change to dir=uploads%2F , dir=uploads%2Fbackup%2F
# 8. You can't back to directory before uploads directory but you can see all directory in uploads example another users files and uploads/backup/ ;):D
#
 
Источник
www.exploit-db.com

Похожие темы