CVE-2008-7176
published 2009-09-08CVE-2008-7176: Multiple directory traversal vulnerabilities in Facil CMS 0.1RC allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) change_lang…
PriorityP334medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EXPLOIT
EPSS
1.97%
78.0th percentile
Multiple directory traversal vulnerabilities in Facil CMS 0.1RC allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) change_lang parameter to index.php or (2) modload parameter to modules.php.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| celina_jorge | facil_cms | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Facil-CMS 0.1RC2 - Local/Remote File Inclusion
exploitdb·2010-04-04
CVE-2008-7176 Facil-CMS 0.1RC2 - Local/Remote File Inclusion
Facil-CMS 0.1RC2 - Local/Remote File Inclusion
---
########################################################
Facil-CMS (LFI/RFI) Vulnerability
########################################################
[+]Title : Facil-CMS Multiple Vulnerability
[+]Version: 0.1RC2
[+]Download: http://sourceforge.net/projects/facil-cms/files/
[+]Author: eidelweiss
[+]Contact: eidelweiss[at]cyberservices[dot]com
[!]Thank`s To: all friends
########################################################
-=[ Vuln C0de ]=-
[-]facil-cms/index.php
require_once('config.inc.php');
require_once(_FACIL_INCLUDES_PATH_ . '/facil-settings.php');
$config = new facilConfig();
$utils = new facilUtils();
if($utils->is_module($config->getSiteIndex()))
require_once(_FACIL_MODULES_PATH_ . '/' . $config->getSiteIndex() . '/config
Exploit-DB
Facil-CMS 0.1RC - Multiple Local File Inclusions
exploitdb·2008-06-12
CVE-2008-7176 Facil-CMS 0.1RC - Multiple Local File Inclusions
Facil-CMS 0.1RC - Multiple Local File Inclusions
---
Facil-CMS 0.1RC Local File Inclusion Vulnerabilities
,--^----------,--------,-----,-------^--,
| ||||||||| `--------' | O .. CWH Underground Hacking Team ..
`+---------------------------^----------|
`\_,-------, _________________________|
/ XXXXXX /`| /
/ XXXXXX / `\ /
/ XXXXXX /\______(
/ XXXXXX /
/ XXXXXX /
(________(
`------'
AUTHOR : CWH Underground
DATE : 12 June 2008
SITE : www.citec.us
#####################################################
APPLICATION : Facil-CMS
VERSION : 0.1RC
VENDOR : http://facilcms.org/
DOWNLOAD : http://downloads.sourceforge.net/facil-cms
#####################################################
+++ Local File Inclusion Exploit +++
Description
[+]Use Web Proxy (Web Scarab, Burb Proxy, etc...) to intercep
2009-09-08
Published