============================================================================================================================ | # Title : Rich FileManager v2.7.0 xss via file uploads Vulnerability | | # Author : indoushka | | # Telegram : @indoushka | | # Tested on : windows 10 FranASSais V.(Pro) | | | # Vendor : http://fm.devale.pro/fm.zip | | # Dork : "Rich FileManager" | ============================================================================================================================ POC : [+] Dorking Adegn Google Or Other Search Enggine . [+] choose your file svg and upload it . svg code http://fm.devale.pro/userfiles/index.svg Greetz :---------------------------------------------------------------------------------------- | jericho * Larry W. Cashdollar * shadow0075 * djroot.dz *Gjoko 'LiquidWorm' Krstic | | ================================================================================================