CVE-2008-6734
published 2009-04-21CVE-2008-6734: Directory traversal vulnerability in Public/index.php in Keller Web Admin CMS 0.94 Pro allows remote attackers to include and execute arbitrary local files via…
PriorityP345critical9.3CVSS 2.0
AVNACMAuNCCICAC
EXPLOIT
EPSS
2.96%
85.5th percentile
Directory traversal vulnerability in Public/index.php in Keller Web Admin CMS 0.94 Pro allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the action parameter.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| keller_web_admin | kwa | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Keller Web Admin CMS 0.94 Pro - Local File Inclusion (1)
exploitdb·2008-06-26
CVE-2008-6734 Keller Web Admin CMS 0.94 Pro - Local File Inclusion (1)
Keller Web Admin CMS 0.94 Pro - Local File Inclusion (1)
---
Keller Web Admin CMS Local File Inclusion Vulnerability
,--^----------,--------,-----,-------^--,
| ||||||||| `--------' | O .. CWH Underground Hacking Team ..
`+---------------------------^----------|
`\_,-------, _________________________|
/ XXXXXX /`| /
/ XXXXXX / `\ /
/ XXXXXX /\______(
/ XXXXXX /
/ XXXXXX /
(________(
`------'
AUTHOR : CWH Underground
DATE : 26 June 2008
SITE : cwh.citec.us
#####################################################
APPLICATION : Keller Web Admin CMS
VERSION : 0.94 Pro
VENDOR : N/A
DOWNLOAD : http://downloads.sourceforge.net/kwa
#####################################################
--- Local File Inclusion ---
Vulnerable File [/Public/index.php]
@Line
21: if (isset($_GET['action'])) {
2
Exploit-DB
Keller Web Admin CMS 0.94 Pro - Local File Inclusion (2)
exploitdb·2008-06-26
CVE-2008-6734 Keller Web Admin CMS 0.94 Pro - Local File Inclusion (2)
Keller Web Admin CMS 0.94 Pro - Local File Inclusion (2)
---
@~~===========================================~~@
| Author => StAkeR ~ [email protected] |
@~~===========================================~~@
+ +
@~~===========================================~~@
| Keller Web Admin <= Local File Inclusion |
@~~===========================================~~@
| Public/index.php?action=../../etc/passwd%00 |
@~~===========================================~~@
+
@~~===============================================================~~@
| http://mesh.dl.sourceforge.net/sourceforge/kwa/kwa_0_94_pro.zip |
@~~===============================================================~~@
# milw0rm.com [2008-06-26]
No writeups or analysis indexed.
http://www.securityfocus.com/bid/29971https://exchange.xforce.ibmcloud.com/vulnerabilities/43373https://www.exploit-db.com/exploits/5940https://www.exploit-db.com/exploits/5956http://www.securityfocus.com/bid/29971https://exchange.xforce.ibmcloud.com/vulnerabilities/43373https://www.exploit-db.com/exploits/5940https://www.exploit-db.com/exploits/5956
2009-04-21
Published