Jump to content
OpenSecurity.global

  • Recently Browsing   0 members

    No registered users viewing this page.

Sign in to follow this  
Followers 0
Robbie Wiggins

CVE-2019-0604 SharePoint unauthenticated RCE redux

By Robbie Wiggins, in General Discussion

Recommended Posts

Robbie Wiggins    3

Robbie Wiggins
Posted (edited)

Any one got a way to fingerprint a vuln site loads error out when hitting the right endpoint and one or two are blank.

  


Sorry, something went wrong
Could not load type 'Microsoft.SharePoint.Portal.WebControls.ItemPickerDialog' from assembly 'Microsoft.SharePoint, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c'.
Technical Details

Any one able to confirm?

 

Endpoint to hit should be  

/_layouts/15/picker.aspx?PickerDialogType=Microsoft.SharePoint.Portal.WebControls.ItemPickerDialog

 

Edited by Robbie Wiggins

Share this post

Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  
Followers 0
Go To Topic Listing

  • Members online now

    No members to show

×
×
  • Create New...

Important Information

We use cookies as we're cookie monsters. Privacy Policy

  I accept