Mega File Manager 'name' Parameter Directory Traversal Vulnerability
BID:53189
Info
| Bugtraq ID: | 53189 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 22 2012 12:00AM |
| Updated: | Apr 22 2012 12:00AM |
| Credit: | i2sec-Min Gi Jo |
| Vulnerable: | AwesomePHP Mega File Manager 1.0 |
| Not Vulnerable: | |
Discussion
Mega File Manager is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input passed in the 'name' parameter of the 'cimages.php' script.
Remote attackers can use specially crafted requests containing directory-traversal sequences ('../') to read arbitrary files that the web server process has permission to read.
Exploiting this issue may allow an attacker to obtain sensitive information (configuration files, credentials, source code) that could aid in further attacks.
Mega File Manager 1.0 is vulnerable; other versions may also be affected.
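The following is an added example, not code from Mega File Manager or AwesomePHP: a Python model of the flawed pattern the advisory describes (joining the user-supplied 'name' straight onto an image directory) next to a hardened version that canonicalises the path and refuses anything that resolves outside that directory. The directory layout, file names and the 'secret.ini' target are constructed for the demonstration; the real cimages.php source is not reproduced here.

```python
import os
import shutil
import tempfile
from urllib.parse import unquote


def make_demo_tree():
    """Build a throwaway tree: an 'images' directory plus a file outside it.
    (Constructed layout; the real application's paths are unknown.)"""
    root = tempfile.mkdtemp(prefix="megafm_")
    images = os.path.join(root, "megafilemanager", "images")
    os.makedirs(images)
    with open(os.path.join(images, "logo.png"), "wb") as f:
        f.write(b"\x89PNG constructed sample image")
    with open(os.path.join(root, "secret.ini"), "w") as f:
        f.write("constructed secret outside the image directory")
    return root, images


def read_image_vulnerable(images_dir, name):
    """Mimics the flawed pattern: 'name' is appended to the directory with no
    check, so '../' segments (or an absolute path) walk out of it."""
    path = os.path.join(images_dir, name)
    with open(path, "rb") as f:
        return f.read()


def read_image_safe(images_dir, name):
    """Hardened version: decode (twice, to catch double encoding), reject NUL
    bytes, resolve '..' and symlinks, then require the canonical target to sit
    under the canonical base directory."""
    decoded = unquote(unquote(name))
    if "\x00" in decoded:
        raise ValueError("NUL byte in name")
    base = os.path.realpath(images_dir)
    target = os.path.realpath(os.path.join(base, decoded))
    if os.path.commonpath([base, target]) != base:
        raise ValueError("path escapes image directory: %r" % name)
    if not os.path.isfile(target):
        raise FileNotFoundError(name)
    with open(target, "rb") as f:
        return f.read()


def demo():
    """Run both handlers against a legitimate name and several traversal
    payloads; returns a dict so the outcome can be inspected or asserted."""
    root, images = make_demo_tree()
    results = {}
    try:
        results["legit_safe"] = read_image_safe(images, "logo.png")
        # The unchecked join happily reads the file two levels up.
        results["traversal_vulnerable"] = read_image_vulnerable(images, "../../secret.ini")
        for attempt in (
            "../../secret.ini",                     # plain traversal
            "..%2F..%2Fsecret.ini",                 # URL-encoded slashes
            "%252e%252e/%252e%252e/secret.ini",     # double-encoded dots
            "/etc/hostname",                        # absolute path
        ):
            try:
                read_image_safe(images, attempt)
                results[attempt] = "allowed"
            except ValueError:
                results[attempt] = "blocked"
    finally:
        shutil.rmtree(root)
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "->", value)
```

The check that matters is the comparison of canonical paths after realpath; string filters that strip '../' are bypassable with encoded or doubled sequences, which is why the safe handler decodes first and then relies on the resolved path rather than on the presence of a pattern.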
Exploit / POC
An attacker can exploit the issue with an ordinary web browser; no authentication or special tooling is needed. The following example URI demonstrates it (boot.ini is a Windows target; the number of '../' segments required depends on where the web root sits on disk):
http://www.example.com/megafilemanager/cimages.php?name=../../../../boot.ini
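As an added example (not part of the original advisory), the following Python script scans web-server access-log lines for traversal attempts against the 'name' parameter of cimages.php, decoding percent-encoding repeatedly so that single- and double-encoded variants of the example URI above are caught as well. The log lines and IP addresses are constructed for the demonstration.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed Apache-style access log lines (not real traffic).
SAMPLE_LOG = """\
203.0.113.5 - - [22/Apr/2012:10:01:02 +0000] "GET /megafilemanager/cimages.php?name=logo.png HTTP/1.1" 200 1342
203.0.113.9 - - [22/Apr/2012:10:01:07 +0000] "GET /megafilemanager/cimages.php?name=../../../../boot.ini HTTP/1.1" 200 412
203.0.113.9 - - [22/Apr/2012:10:01:09 +0000] "GET /megafilemanager/cimages.php?name=..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.1" 200 1876
198.51.100.7 - - [22/Apr/2012:10:02:00 +0000] "GET /megafilemanager/cimages.php?name=%252e%252e%252f%252e%252e%252fconfig.php HTTP/1.1" 200 300
198.51.100.7 - - [22/Apr/2012:10:02:30 +0000] "GET /megafilemanager/index.php HTTP/1.1" 200 5120
"""

LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) \S+" (\d{3}) (\d+)')
# A '..' segment bounded by slashes (or the string ends), after normalising
# backslashes; an absolute path is treated as an escape attempt too.
TRAVERSAL_RE = re.compile(r'(^|/)\.\.(/|$)')


def decode_fully(value, max_rounds=3):
    """Undo nested percent-encoding until the value stops changing."""
    for _ in range(max_rounds):
        new = unquote(value)
        if new == value:
            break
        value = new
    return value


def is_traversal(decoded_name):
    normalised = decoded_name.replace("\\", "/")
    return bool(TRAVERSAL_RE.search(normalised)) or normalised.startswith("/")


def find_traversal_attempts(log_text):
    """Return one record per request to cimages.php whose decoded 'name'
    parameter tries to leave the intended directory."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        ip, ts, method, target, status, size = m.groups()
        parts = urlsplit(target)
        if not parts.path.endswith("/cimages.php"):
            continue
        # parse_qs performs one decoding round; decode_fully handles the rest.
        for raw in parse_qs(parts.query, keep_blank_values=True).get("name", []):
            decoded = decode_fully(raw)
            if is_traversal(decoded):
                hits.append({
                    "ip": ip,
                    "time": ts,
                    "decoded_name": decoded,
                    "status": int(status),
                    # A 200 with a non-trivial body suggests the file was served.
                    "likely_success": status == "200" and int(size) > 0,
                })
    return hits


if __name__ == "__main__":
    for hit in find_traversal_attempts(SAMPLE_LOG):
        print(hit)
```

Decoding before matching is the point: a rule that looks only for the literal string "../" misses the "..%2F" and "%252e%252e" forms, which the web server or the application decodes before the path is used.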
Solution / Fix
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
References
References:
- Mega File Manager - Homepage (AwesomePHP)