The Design Factory - Arbitrary File Upload
# Exploit Title: The Design Factory - Arbitrary File Upload
# Google Dork: intext:"Developed by The Design Factory" '
# Date: 16 December 2017 (Indonesia)
# Exploit Author: AlHikam0x
# Tested on: Ubuntu
Proof of Concept
1.Check Vulnerability : https://web-target/adminside/server/php/
View image : Disini
2.Array type Upload : files[]
CSRF online
3.Check file uploaded : https://web-target/images/block/file.php
# Google Dork: intext:"Developed by The Design Factory" '
# Date: 16 December 2017 (Indonesia)
# Exploit Author: AlHikam0x
# Tested on: Ubuntu
Proof of Concept
1.Check Vulnerability : https://web-target/adminside/server/php/
View image : Disini
2.Array type Upload : files[]
CSRF online
3.Check file uploaded : https://web-target/images/block/file.php
Post a Comment