NextCMS File Upload Vulnerability
| Exploit Title: NextCMS File Upload Vulnerability
| Exploit Author: Ashiyane Digital Security Team
| vendor homepage : http://www.cnblogs.com/ForEvErNoME/p/4987513.html
| DownloadLink : https://github.com/TerryChenUI/NextCMS
| Google Dork 1: inurl:/Content/Roxy_Fileman/
| Google Dork 2: intitle:"roxy file manager"
| Tested on: Kali Linux
| Date: 1 /11 / 2017
|===========|
| Vulnerability Path : http://[Target]/[Path]/Content/Roxy_Fileman/
| Vulnerability Method :GET
|===========|
| Vulnerability description:
| This page allows visitors to upload files to the server.
| Various web applications allow users to upload files (such as images, html,..).
|=============================================================|
|Demo :
|http://www.rnrgames.com/content/Roxy_Fileman/
|http://www.devfw.net/Content/Roxy_Fileman/
|http://con-serv.com.au/Content/Roxy_Fileman/index.html
|http://www.rnrgames.com/content/Roxy_Fileman/
*=============================================================|
| Special Thanks To : Behrooz_Ice، Virangar ,H_SQLI.EMpiRe ، Ehsan Cod3r ، micle ،
| Und3rgr0und ، Amir.ght ، xenotix، modiret، V For Vendetta ، Alireza ،
| r4ouf ، Spoofer ، And All Of My Friends ،
| The Last One : My Self, M.R.S.L.Y
*=============================================================|
Post a Comment