Product version: cuppaCMS v1.0 http://cuppacms.com/files/cuppa_cms.zip

poc

POST /alerts/alertLightbox.php
url=../../../../../../../../../../../etc/passwd

analysis

location: alerts/alertLightbox.php line 113

<?php include $cuppa->getDocumentPath().@$cuppa->POST("url");

and $cuppa->POST

// post
public function POST($string){ return $this->sanitizeString(@$_POST[$string]); }

go on

public function sanitizeString($string){ return htmlspecialchars(trim(@$string)); }

so the POST url has no LFI protection filter

Repair suggestions

You can check url; for example, check if it has .. and then refuse the request.
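
The check suggested in the issue, as an added example that is not code from cuppaCMS or from the issue author. It goes a step beyond refusing `..` by also canonicalising the path with `realpath()` and confirming the result stays under the document path. The helper name `resolveIncludePath` and the temporary demo directory are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical helper (not part of cuppaCMS): resolve a user-supplied relative
// path to a file inside $baseDir, or return null when the request is refused.
function resolveIncludePath(string $baseDir, string $userPath): ?string
{
    // Refuse empty input, NUL bytes, absolute paths and stream wrappers ("scheme:").
    if ($userPath === '' || strpos($userPath, "\0") !== false
        || preg_match('#^([a-z][a-z0-9+.-]*:|[/\\\\])#i', $userPath)) {
        return null;
    }
    // The check suggested in the issue: refuse any ".." path segment.
    if (in_array('..', preg_split('#[/\\\\]+#', $userPath), true)) {
        return null;
    }
    // Canonicalise both sides. realpath() resolves symlinks and returns false
    // for missing files, so the prefix comparison is made on real locations.
    $base = realpath($baseDir);
    $target = realpath($baseDir . DIRECTORY_SEPARATOR . $userPath);
    if ($base === false || $target === false || !is_file($target)) {
        return null;
    }
    // The resolved file must still sit under the base directory.
    if (strncmp($target, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    // Only PHP templates may be included, never arbitrary readable files.
    if (strtolower(pathinfo($target, PATHINFO_EXTENSION)) !== 'php') {
        return null;
    }
    return $target;
}

// Constructed demo: a temporary directory stands in for the document path.
$root = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'lfi_demo_' . bin2hex(random_bytes(4));
mkdir($root . '/alerts', 0700, true);
file_put_contents($root . '/alerts/ok.php', '<?php echo "ok";');

// Constructed sample inputs: one legitimate template and three that must be refused.
foreach (['alerts/ok.php', '../../../../etc/passwd', '/etc/passwd', 'alerts/missing.php'] as $candidate) {
    $resolved = resolveIncludePath($root, $candidate);
    printf("%-28s => %s\n", $candidate, $resolved === null ? 'refused' : 'allowed');
}
```

At the call site, the `include` would run only when the helper returns a non-null path. `htmlspecialchars()` in `sanitizeString()` does not alter `.` or `/`, which is why it offers no protection here.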
Check #15. This is a duplicate.