Exploit Pluck CMS 4.7 - Multiple Local File Inclusion / File Disclosure Vulnerabilities

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
36129
Проверка EDB
  1. Пройдено
Автор
BL4K3
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
N/A
Дата публикации
2011-09-08
Код:
source: https://www.securityfocus.com/bid/49525/info

Pluck is prone to multiple file-include and a file-disclosure vulnerabilities because it fails to properly sanitize user-supplied input.

An attacker can exploit the local file-include vulnerabilities using directory-traversal strings to view and execute local files within the context of the webserver process. Information harvested may aid in further attacks.

An attacker can exploit local file-disclosure vulnerability to obtain potentially sensitive information from local files on computers running the vulnerable application. This may aid in further attacks.

Pluck 4.7 is vulnerable; other versions may also be affected. 

1-File Inclusion:
 
include(ALBUMS_DIR.'/'.$_GET['album'].'.php');
 
Require:
 
if (file_exists(ALBUMS_DIR.'/'.$_GET['album'].'.php')) {
function albums_pages_site() {
 
2-File Inclusion
 
include (ALBUMS_DIR.'/'.$album['seoname'].'.php');
foreach ($albums as $album) {
$albums  = albums_get_albums();
 
3-File Disclosure
 
echo readfile('../../settings/modules/albums/'.$image);
$image = $_GET['image'];
 
requires:
 
if (file_exists('../../settings/modules/albums/'.$image)) {
 
Источник
www.exploit-db.com

Похожие темы