Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:31022
HistoryAug 26, 2014 - 12:00 a.m.

DNN(DotNetNuke®) Ribbon Bar Control Panel Bad Access Level config

2014-08-2600:00:00
vulners.com
37

#+++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Title : DNN(DotNetNuke®) Ribbon Bar Control Panel Bad Access Level config

Author : alieye

vendor : http://dnnsoftware.com/

Contact : [email protected]

Risk : High

Class: Remote

Google Dork:

inurl:ctl/+inurl:/tab

inurl:ctl+inurl:tab Model Modules Pages

inurl:ctl=tab Page Details Copy Page Permissions

Version: all version

Date: 25/08/2014

os : windows server 2008

#++++++++++++++++++++++++++++++++++++++++++++++++++++++++

You can making your own attack with Vulnerable Page
go to victim site and making with Ribbon Bar moduels (phishing page,deface page or privilege escalation)

#++++++++++++++++++++++++++++++++++++++++++++++++++++++++
[#] Spt Tnx To ZOD14C , 4l130h1 , bully13 , 3.14nnph , amir and all cseye members
[#] Thanks To All Iranian Hackers
[#] website : http://cseye.vcp.ir/
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++