CVE-2015-2794 PoC — DotNetNuke 安全漏洞

Source

https://github.com/styx00/DNN_CVE-2015-2794

Associated Vulnerability

Title:DotNetNuke 安全漏洞 (CVE-2015-2794)
Description:DotNetNuke（DNN）是美国DNN公司的一套由微软支持、基于ASP.NET平台的开源内容管理系统（CMS）。该系统具有易于安装、可扩展、功能丰富等特点。 DNN 7.4.1之前的版本中的installation wizard存在安全漏洞。远程攻击者可通过向Install/InstallWizard.aspx文件发送直接请求利用该漏洞重新安装应用程序，并获取SuperUser访问权限。

Description

NSE plugin for Nmap that scans a DotNetNuke (DNN) web application for an Administration Authentication Bypass vulnerability (CVE-2015-2794, EDB-ID: 39777).

Readme

# DNN_CVE-2015-2794
NSE plugin for Nmap that scans a DotNetNuke (DNN) web application for an Administration Authentication Bypass vulnerability (CVE-2015-2794, EDB-ID: 39777).

File Snapshot


 [4.0K]  /data/pocs/4dcfb0cd99f6323b484f7ecadb87096bae47e1fb
├── [5.6K]  http-vuln-cve2015-2784.nse
└── [ 176]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!