vendor:
STACK
by:
R3VAN_BASTARD
9,3
CVSS
HIGH
Local File Inclusion (LFI)
22
CWE
Product Name: STACK
Affected Version From: 1.1
Affected Version To: 1.1
Patch Exists: No
Related CWE: N/A
CPE: a:stack:stack:1.1
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: None
2020
[L.F.I]STACK version 1.1[L.F.I]
This exploit allows an attacker to read sensitive files on the server by exploiting a Local File Inclusion (LFI) vulnerability in STACK version 1.1. The vulnerability exists due to insufficient sanitization of user-supplied input in the "action" parameter of the "documentation.php" script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing directory traversal sequences (e.g. "/../") and a null byte (%00) to the vulnerable script. This will allow the attacker to read sensitive files on the server, such as the "/etc/passwd" file.
Mitigation:
To mitigate this vulnerability, the application should validate user-supplied input and ensure that it does not contain any malicious characters.
