Dexx CMS HTML and Site Builder version 2.2.3 suffers from cross site scripting and arbitrary file upload vulnerabilities.
afad1c220fc9a0f9c55b16ff2ee432a14c6bcfdc35bd7e270945acd8f3ea9e17====================================================================================================================================
| # Title : Dexx CMS - HTML and Site Builder V2.2.3 Remote File Upload vulnerability |
| # Author : indoushka |
| # Tested on : windows 10 Français V.(Pro) / browser : Mozilla Firefox 114.0.1 (64 bits) |
| # Vendor : https://www.ezwsb.com/ |
| # Dork : "Our award-winning templates are the most beautiful way to present your ideas online." |
====================================================================================================================================
[+] P0C :
[+] The script is based on Laravel framework so you can apply the vulnerability for the framework
https://dl.packetstormsecurity.net/2301-exploits/laravel9470-disclose.txt
[-] XSS via file upload :
[+] Dorking İn Google Or Other Search Enggine.
[+] Register as a member of the target site .
[+] After registering, log in and go to /account/settings .
[+] path : https://127.0.0.1/storage/avatars/9SCDIW0ntFJYqaP9IfrOqhJfzNoyukqmbEOtJxH8.svg
[-] Unrestricted File Upload :
[+] Go to ( Dashboard/Projects/New)to create a new project or Choose a template for your project .
[+] Choose Edit Image and upload your malicious file .
[+] path : https://127.0.0.1/storage/projects/1628/iGqYdWiwCUZGShvwQ4p14VLzvxbey33IN85U/images/ogSIFm8ztsQv4BBEy9Ci96utafSBsu45oe1RhL3y.htm
https://127.0.0.1/storage/projects/1628/iGqYdWiwCUZGShvwQ4p14VLzvxbey33IN85U/images/kNHGCajolk2LcxsEZq8Q5sGn9p7Pt7gO5nOO1zwz.txt
https://127.0.0.1/storage/projects/1628/iGqYdWiwCUZGShvwQ4p14VLzvxbey33IN85U/images/50otMfIHgIlJz3OFyuBMjeOSKaXs9a49YLZuaMlK.jpg
https://127.0.0.1/storage/projects/26/7u3ps1joxTO0o1e3jZYfvb3klddh3GFzS1dh/images/kc4FLhcYIWBq7AhOHTpxWwjPxwKRe4vX8nmLBahh.php
====Greetings to :=========================================================================================================================
| jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * djroot.dz * LiquidWorm* Hussin-X *D4NB4R * shadow_00715 * yasMouh |
===========================================================================================================================================
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed