Monday, 28 September 2015

"Java Script editor" Remote File edit Vulnerability

The "Java Script editor" vulnerability is a web application vulnerability: we can upload our deface page to a website by replacing a file's source code with our deface code.
Vulnerable URL: /accounts.newone/javascript/editor/example05_editingfile/default.php
Dork: inurl:/accounts.newone/javascript/editor/example05_editingfile/
         inurl:/accounts.newone/javascript/
         inurl:/accounts.newone/javascript/editor/
Go to website.com/accounts.newone/javascript/editor/example05_editingfile/default.php
(The example in the URL may change, like example04, example02, etc.)
Now click on "edit source code", paste your deface page's source there,
and save the file. Check the image for an explanation.
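For site owners, the editor example path above can be searched for in web server access logs. The following is an added example, not code from the original post: it assumes combined-format access logs and assumes that the editor saves through a non-GET request; the sample log lines and the `example02_basic` name are constructed.

```python
import re
from collections import defaultdict

# Editor example path from the post; the example number varies (example02, example04, ...).
# The directory prefix in front of /javascript/ is deliberately not required.
EDITOR_PATH = re.compile(r"/javascript/editor/example\d+[^/\s]*/", re.IGNORECASE)

# Common/combined access-log line: client, timestamp, request line, status.
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3})'
)

def find_editor_hits(lines):
    """Return {client_ip: [(timestamp, method, path, status, is_write), ...]}."""
    hits = defaultdict(list)
    for line in lines:
        m = LOG_LINE.match(line)
        if not m or not EDITOR_PATH.search(m["path"]):
            continue
        status = int(m["status"])
        # Assumption: the editor saves via a non-GET request; a 2xx reply to one
        # means the file on disk may have been overwritten and needs review.
        is_write = m["method"] not in ("GET", "HEAD") and 200 <= status < 300
        hits[m["ip"]].append((m["ts"], m["method"], m["path"], status, is_write))
    return dict(hits)

# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE_LOG = [
    '198.51.100.7 - - [28/Sep/2015:10:01:02 +0000] "GET /index.php HTTP/1.1" 200 5120',
    '203.0.113.9 - - [28/Sep/2015:10:02:10 +0000] "GET /accounts.newone/javascript/editor/example05_editingfile/default.php HTTP/1.1" 200 2048',
    '203.0.113.9 - - [28/Sep/2015:10:02:41 +0000] "POST /accounts.newone/javascript/editor/example05_editingfile/default.php HTTP/1.1" 200 310',
    '192.0.2.44 - - [28/Sep/2015:11:15:00 +0000] "GET /accounts.newone/javascript/editor/example02_basic/default.php HTTP/1.1" 404 210',
]

if __name__ == "__main__":
    for ip, events in find_editor_hits(SAMPLE_LOG).items():
        for ts, method, path, status, is_write in events:
            flag = "POSSIBLE WRITE" if is_write else "probe"
            print(f"{flag:14} {ip} [{ts}] {method} {path} -> {status}")
```

Any hit means the editor examples directory is reachable from the web and should be removed or placed behind authentication; files touched around a flagged write should be compared against a known-good copy.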
Live demo :
https://atlaschb.com/accounts.newone/javascript/editor/example05_editingfile/default.php
Other vulnerable websites:
