vendor:
SunLight CMS
by:
Unknown
7.5
CVSS
HIGH
Remote File Inclusion
98
CWE
Product Name: SunLight CMS
Affected Version From: SunLight CMS 5.3 and below
Affected Version To: SunLight CMS 5.3
Patch Exists: NO
Related CWE: CVE not provided
CPE: a:sunlight_cms:sunlight_cms:5.3
Metasploit:
https://www.rapid7.com/db/vulnerabilities/oracle_linux-cve-2023-22024/, https://www.rapid7.com/db/vulnerabilities/freebsd-cve-2023-20212/, https://www.rapid7.com/db/vulnerabilities/freebsd-cve-2022-24834/, https://www.rapid7.com/db/vulnerabilities/freebsd-cve-2023-27395/, https://www.rapid7.com/db/vulnerabilities/freebsd-cve-2023-22325/, https://www.rapid7.com/db/vulnerabilities/huawei-euleros-2_0_sp9-cve-2023-3138/, https://www.rapid7.com/db/vulnerabilities/amazon_linux-cve-2023-3138/, https://www.rapid7.com/db/vulnerabilities/amazon-linux-ami-2-cve-2023-3138/, https://www.rapid7.com/db/vulnerabilities/huawei-euleros-2_0_sp9-cve-2023-34241/, https://www.rapid7.com/db/vulnerabilities/freebsd-cve-2023-3326/, https://www.rapid7.com/db/vulnerabilities/ubuntu-cve-2023-34241/, https://www.rapid7.com/db/vulnerabilities/amazon_linux-cve-2023-34241/, https://www.rapid7.com/db/vulnerabilities/suse-cve-2023-34241/, https://www.rapid7.com/db/vulnerabilities/apple-osx-cups-cve-2023-34241/, https://www.rapid7.com/db/vulnerabilities/debian-cve-2023-3138/, https://www.rapid7.com/db/vulnerabilities/amazon-linux-ami-2-cve-2023-34241/, https://www.rapid7.com/db/vulnerabilities/debian-cve-2023-34241/, https://www.rapid7.com/db/vulnerabilities/suse-cve-2023-3138/, https://www.rapid7.com/db/vulnerabilities/ubuntu-cve-2023-3138/, https://www.rapid7.com/db/vulnerabilities/freebsd-cve-2023-1825/, https://www.rapid7.com/db/?q=CVE+not+provided&type=&page=2, https://www.rapid7.com/db/?q=CVE+not+provided&type=&page=3, https://www.rapid7.com/db/?q=CVE+not+provided&type=&page=4, https://www.rapid7.com/db/?q=CVE+not+provided&type=&page=2
Platforms Tested:
2007
SunLight CMS 5.3 <= Remote File Inclusion Vulnerability
This vulnerability allows remote attackers to include arbitrary files and execute malicious code by exploiting the 'connect.php' and 'startup.php' files in SunLight CMS 5.3 and below. The vulnerability exists due to the lack of proper input validation and sanitization in the affected files, which allows an attacker to manipulate the 'root' parameter and include arbitrary files from a remote server.
Mitigation:
To mitigate this vulnerability, it is recommended to update to a patched version of SunLight CMS that addresses the file inclusion vulnerability. Additionally, it is advised to implement proper input validation and sanitization in the affected files to prevent remote file inclusion.