CVE-2023-29887
Published 2023-04-18
CVE-2023-29887: A Local File inclusion vulnerability in test.php in spreadsheet-reader 0.5.11 allows remote attackers to include arbitrary files via the File parameter.
Priority P3 · 56 · high · 7.5 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EXPLOIT
EPSS: 4.74% (90.7th percentile)
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| nuovo | spreadsheet-reader | — | — |
Detection & IOCs (extracted from sources)
- Detect LFI exploitation attempts targeting the 'File' parameter in test.php; match HTTP GET requests to test.php with path traversal sequences in the File parameter.
- Use regex 'root:[x*]:0:0' in HTTP response body to confirm successful /etc/passwd inclusion and active exploitation.
- Monitor for HTTP 200 responses to requests containing path traversal strings (e.g., '../../../') targeting test.php on spreadsheet-reader installations.
- The vulnerability is only present in spreadsheet-reader version 0.5.11; installations under both '/spreadsheet-reader/' and '/nuovo/spreadsheet-reader/' path prefixes should be checked.
- The Nuclei template uses stop-at-first-match across two candidate base paths, meaning only one path may be probed per scan run; ensure both paths are covered in detection logic.
- High EPSS score (0.88637, 99.5th percentile) indicates this vulnerability is actively being exploited in the wild; prioritize detection and patching accordingly.
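
The detection notes above combined into one classifier for logged HTTP exchanges, as an added example (not taken from the Nuclei template or the spreadsheet-reader project). The function names, verdict labels and sample exchanges are constructed for illustration; undoing repeated percent-encoding before matching goes beyond what the notes state.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Both base paths named in the notes above must be covered.
BASE_PATHS = ("/spreadsheet-reader/", "/nuovo/spreadsheet-reader/")
TRAVERSAL = re.compile(r"\.\.[/\\]")        # "../" or "..\" after decoding
PASSWD = re.compile(r"root:[x*]:0:0")       # regex quoted in the notes above


def fully_decode(value, rounds=3):
    """Undo up to `rounds` layers of percent-encoding (e.g. %252e%252e%252f)."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def classify(method, url, status, body=""):
    """Return 'confirmed', 'suspected', 'attempt' or None for one exchange."""
    parts = urlsplit(url)
    path = fully_decode(parts.path).lower()
    if method != "GET" or not any(path.endswith(b + "test.php") for b in BASE_PATHS):
        return None
    values = parse_qs(parts.query, keep_blank_values=True).get("File", [])
    if not any(TRAVERSAL.search(fully_decode(v)) for v in values):
        return None
    if PASSWD.search(body):
        return "confirmed"                  # file contents came back in the response
    return "suspected" if status == 200 else "attempt"


# Constructed sample exchanges (not real traffic): (method, url, status, body)
SAMPLES = [
    ("GET", "/spreadsheet-reader/test.php?File=..%2F..%2F..%2Fetc%2Fpasswd",
     200, "root:x:0:0:root:/root:/bin/bash\n"),
    ("GET", "/nuovo/spreadsheet-reader/test.php?File=%252e%252e%252fconfig.php",
     200, "<html></html>"),
    ("GET", "/spreadsheet-reader/test.php?File=../../x", 404, ""),
    ("GET", "/spreadsheet-reader/test.php?File=report.xlsx", 200, "ok"),
]


def scan(samples=SAMPLES):
    return [classify(*s) for s in samples]


if __name__ == "__main__":
    for sample, verdict in zip(SAMPLES, scan()):
        print(verdict, sample[1])
```
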
No detection rules found.
Nuclei
Nuovo Spreadsheet Reader 0.5.11 - Local File Inclusion
nuclei·CVSS 7.5
CVE-2023-29887 [HIGH] Nuovo Spreadsheet Reader 0.5.11 - Local File Inclusion
Template:
```yaml
id: CVE-2023-29887
info:
  name: Nuovo Spreadsheet Reader 0.5.11 - Local File Inclusion
  author: ctflearner
  severity: high
  description: |
    A Local File inclusion vulnerability in test.php in spreadsheet-reader 0.5.11 allows remote attackers to include arbitrary files via the File parameter.
  impact: |
    Successful exploitation of this vulnerability can lead to unauthorized access to sensitive files, potential data leakage, and further compromise of the server.
  remediation: |
    Upgrade to a patched version of Nuovo Spreadsheet Reader or apply the vendor-provided fix to mitigate the
```