<pre><code>====================================================================================================================================<br />| # Title : Dexx CMS - HTML and Site Builder V2.2.3 Remote File Upload vulnerability |<br />| # Author : indoushka |<br />| # Tested on : Windows 10 French V.(Pro) / browser : Mozilla Firefox 114.0.1 (64 bits) | <br />| # Vendor : https://www.ezwsb.com/ | <br />| # Dork : "Our award-winning templates are the most beautiful way to present your ideas online." |<br />====================================================================================================================================<br /><br />[+] P0C : <br /><br />[+] The script is based on the Laravel framework, so the Laravel vulnerability below also applies to it:<br /><br /> https://dl.packetstormsecurity.net/2301-exploits/laravel9470-disclose.txt<br /> <br />[-] XSS via file upload :<br /><br />[+] Dork in Google or another search engine.<br /><br />[+] Register as a member of the target site.<br /><br />[+] After registering, log in and go to /account/settings.<br /><br />[+] path : https://127.0.0.1/storage/avatars/9SCDIW0ntFJYqaP9IfrOqhJfzNoyukqmbEOtJxH8.svg <br /><br />[-] Unrestricted File Upload :<br /><br />[+] Go to (Dashboard/Projects/New) to create a new project, or choose a template for your project.<br /><br />[+] Choose Edit Image and upload your malicious file.<br /><br />[+] path : https://127.0.0.1/storage/projects/1628/iGqYdWiwCUZGShvwQ4p14VLzvxbey33IN85U/images/ogSIFm8ztsQv4BBEy9Ci96utafSBsu45oe1RhL3y.htm<br /><br /> https://127.0.0.1/storage/projects/1628/iGqYdWiwCUZGShvwQ4p14VLzvxbey33IN85U/images/kNHGCajolk2LcxsEZq8Q5sGn9p7Pt7gO5nOO1zwz.txt<br /><br /> https://127.0.0.1/storage/projects/1628/iGqYdWiwCUZGShvwQ4p14VLzvxbey33IN85U/images/50otMfIHgIlJz3OFyuBMjeOSKaXs9a49YLZuaMlK.jpg<br /> <br /> https://127.0.0.1/storage/projects/26/7u3ps1joxTO0o1e3jZYfvb3klddh3GFzS1dh/images/kc4FLhcYIWBq7AhOHTpxWwjPxwKRe4vX8nmLBahh.php<br /><br />
<br />====Greetings to :=========================================================================================================================<br />| jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * djroot.dz * LiquidWorm* Hussin-X *D4NB4R * shadow_00715 * yasMouh |<br />===========================================================================================================================================<br /></code></pre>
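The defensive counterpart to the two upload issues above, as an added example that is not code from Dexx CMS or Laravel: a plain-PHP server-side check that allow-lists raster image extensions, verifies the file bytes, and assigns a random stored name, so the .svg avatar and the .htm/.txt/.php project images shown in the paths cannot reach storage/. The function name validateImageUpload, the constant ALLOWED_IMAGES and the sample files are assumptions made for the example.

```php
<?php
// Added example (not Dexx CMS / Laravel code): validation a Laravel app could run on an
// avatar or project-image upload before moving it under storage/. Assumes access to the tmp file.
declare(strict_types=1);
// Raster formats only. SVG is deliberately absent: it is XML that may carry script, and a
// browser executes it when the file is served inline from storage/avatars/.
const ALLOWED_IMAGES = [
    'jpg'  => ['image/jpeg', IMAGETYPE_JPEG],
    'jpeg' => ['image/jpeg', IMAGETYPE_JPEG],
    'png'  => ['image/png',  IMAGETYPE_PNG],
];
// Returns a random storage filename for a valid raster image, or throws. The client-supplied
// name is consulted only for its extension; the stored name is generated server-side.
function validateImageUpload(string $tmpPath, string $originalName): string
{
    $ext = strtolower(pathinfo($originalName, PATHINFO_EXTENSION));
    if (!isset(ALLOWED_IMAGES[$ext])) {
        throw new RuntimeException("extension .$ext is not allowed");
    }
    [$expectedMime, $expectedType] = ALLOWED_IMAGES[$ext];
    // Sniff the bytes: the Content-Type header the browser sent is chosen by the client.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($tmpPath);
    if ($mime !== $expectedMime) {
        throw new RuntimeException("content is $mime, expected $expectedMime");
    }
    // The image header parser must agree too (catches HTML or PHP text renamed to .jpg).
    $info = @getimagesize($tmpPath);
    if ($info === false || $info[2] !== $expectedType) {
        throw new RuntimeException('not a decodable raster image');
    }
    return bin2hex(random_bytes(16)) . '.' . $ext;
}
// Constructed samples: a real 1x1 PNG, then the file kinds the advisory shows in storage/.
$samples = [
    'avatar.png' => base64_decode('iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVR42mNkYPhfDwAChwGA60e6kgAAAABJRU5ErkJggg=='),
    'avatar.svg' => '<svg xmlns="http://www.w3.org/2000/svg"></svg>',
    'page.htm'   => '<html><body>not an image</body></html>',
    'photo.jpg'  => '<html><body>not an image</body></html>',
];
foreach ($samples as $name => $bytes) {
    $tmp = tempnam(sys_get_temp_dir(), 'up');
    file_put_contents($tmp, $bytes);
    try {
        echo "$name -> stored as " . validateImageUpload($tmp, $name) . "\n";
    } catch (RuntimeException $e) {
        echo "$name -> rejected: " . $e->getMessage() . "\n";
    }
    unlink($tmp);
}
```

Only avatar.png passes; the .svg and .htm names fail the extension allow-list, and photo.jpg fails the byte sniff because its content is text/html rather than image/jpeg.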