# Exploit Title: Multiple Vulnerability xEpan 1.0.4
# Google Dork: not yet
# Date: 2014-11-27
# Exploit Author: Parikesit , Kurawa In Disorder
# Vendor Homepage: http://xepan.org  
# Software Link: http://www.xepan.org/index.php?subpage=download  
# Version: 1.0.4 
# Tested on: Windows 7 Ultimate  
# Vulnerability Type: File Upload  
# Risk Level: High  
# Solution Status: Not Fixed  
# Discovered and Provided: Kurawa In Disorder ( http://kurawa.indonesianbacktrack.or.id ) , Indonesian Backtrack Team ( http://indonesianbacktrack.or.id )




Advisory Details:

xEpan have elfinder which can exploited to upload a backdoor

1.) vulnerable page : http://target/elfinder/elfinder.html
 
Just upload your php backdoor and acess there http://target/elfinder/files/<backdoor_name>

2.) leak database information : http://target/install.sql
  
after installation the script not remove the .sql file it&#8217;s can be danger

3.) important file , like ftp password stored in a public file : http://target/ftpsync.settings

very danger , how to prevent just use a private privilages or delete the file

4.) weak password used : http://target/index.php?page=owner_dashboard
  
admin:admin 😮



http://1337day.com/exploit/description/22965