########################################################
#
# Exploit Title : Efront Multiple Vulnerabilities
#
# Author        : IrIsT.Ir & Sec4Ever.com
#
# Discovered By : L3b-r1'z
#
# Home          : http://IrIsT.Ir & http://Sec4Ever.com
#
# P Blob        : http://L3b-r1z.com/
#
# Software Link : http://www.efrontlearning.net
#
# Security Risk : High
#
# Version       : 3.6.11
#
# Tested on     : win\XP
#
# Dork          : allintext: "eFront (version 3.6.11)"
#
########################################################
#
#  RFU - Remote File Upload :
#
#  first, you have to register in the site :).
#  then go to your profile, and make messege to everyone
#  upload .php shell as ATTACHMENT, then click SEND MESSEGE
########################################################
#
# Xss :
#
# First, You Have To Register In The Site :).
# Then Go To Your Profile, and Make New Messege To Admin site
# Put On Subject b0x : "><ScRiPt>alert("LOL")</ScRiPt>
# Now Click Send Messege And Enjoy.
#
#
#########################################################
#
# Special Thx to : Irist.ir Team & Sec4ever.com Team
#
#########################################################
#
# Greet'z : Am1r, The Injector, Sec4ever, b0x, Paulzz, Virus-Ra3ech,
Damane2011
# Hacker-1420, Th3 Killer Dz, OVER-X <3, Stalk3r, The Viper, N4ss1m, B07
M4S73R
# Ked-Ans, And All Members Of Irist And Sec4ever
#
#########################################################

-- 
Proud To Be Lebanese :D

I Will Miss You My Friends : b0x, Virus-Ra3ch, Damane2011, Hacker-1420, The
Injector, N4ss1m, Sec4ever, B07 M4S73R, Stalk3r, Hacker-Dz, Mr.XKILLeR, The
Viper, Th3 Killer Dz, Over-X <3, And All My Friends.

Sec4ever.com.