ParsCMS - Arbitrary File Upload
# Google Dork: N/A
# Date: 2020-01-01
# Exploit Author: Unkn0wn (0x9a@tuta.io)
# Vendor Homepage: http://parscms.com/
# Software Link: private cms
# Version: 1.0
# Tested on: Ubuntu
# CVE : N/A
---------------------------------------------------------
exploit:
"modules/eform/upload/"
Demo:
http://iauda.ac.ir/modules/eform/upload/
https://www.msc.ir/modules/eform/upload/
http://farhangi.tums.ac.ir/en/modules/eform/upload/
http://old.isipo.ir/modules/eform/upload/
http://eskordi.com/modules/eform/upload/
http://pdiaari.tums.ac.ir/modules/eform/upload/
http://rvp.iauda.ac.ir/modules/eform/upload/
http://www.rca.gov.ir/modules/eform/upload/
http://farhangi.tums.ac.ir/en/modules/eform/upload/
Posting Komentar