header-logo
Suggest Exploit
vendor:
CMS
by:
Battousai
8,8
CVSS
HIGH
Upload Vulnerability
N/A
CWE
Product Name: CMS
Affected Version From: v3.0.4
Affected Version To: v3.0.4
Patch Exists: N/A
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP SP3, Linux Ubuntu 10.04
N/A

Subdreamer Pro v3.0.4 CMS upload Vulnerability

Subdreamer Pro v3.0.4 CMS is vulnerable to an upload vulnerability. An attacker can register an account at http://127.0.0.1/index.php?categoryid=4 and then upload a malicious file to http://127.0.0.1/index.php?categoryid=2&p17_sectionid=2&p17_action=submitimage

Mitigation:

Ensure that all user-uploaded files are properly validated and sanitized before being stored on the server.
Source

Exploit-DB raw data:

__________         __    __                              .__ 
\\\\______   \\\\_____ _/  |__/  |_  ____  __ __  ___________  |__|
 |    |  _/\\\\__  \\\\\\\\   __\\\\   __\\\\/  _ \\\\|  |  \\\\/  ___/\\\\__  \\\\ |  |
 |    |   \\\\ / __ \\\\|  |  |  | (  <_> )  |  /\\\\___ \\\\  / __ \\\\|  |
 |______  /(____  /__|  |__|  \\\\____/|____//____  >(____  /__|
        \\\\/      \\\\/                             \\\\/      \\\\/   

######################################################
# Exploit Title: Subdreamer Pro v3.0.4 CMS upload Vulnerability
# Author: Battousai
# Home: http://hack.pro.mk & https://ssteam.ws
# Software Link:N/A
# Version: v3.0.4
# Tested on: Windows XP SP3, Linux Ubuntu 10.04
# CVE : N/A
#Dork: \\\"Website powered by Subdreamer CMS & Sequel Theme Designed by indiqo.media\\\"
######################################################


Exploit:

1. Register your account at: http://127.0.0.1/index.php?categoryid=4

2. After registring point your browser at: http://127.0.0.1/index.php?categoryid=2&p17_sectionid=2&p17_action=submitimage (and upload is complete)



######################################################
# Greetz to: SilenceD, Zer0Flag, Evilb4st4rd, internet
# KingPin, s3th, packetdeath, Horadrim, AnnexxEmpire
# sM10, 599eme Man, Xylitol, __KiNG, 777, sp1r1t
# d3v1l, AlphaDog, n3d
# and every living person at:
# http://hack.pro.mk & https://ssteam.ws
######################################################

Navigation

Suggest Exploit

Services By CQR