Submission #624972: Vvveb 1.0.5 Internal File Read

Information

Title: Vvveb 1.0.5 Internal File Read
Description: The endpoint at [/vadmin123/index.php?module=editor/editor&url=/&template=index.html] is vulnerable to file read. The vulnerability allows you to read old Vvveb files that were previously being used by an older Vvveb version. Its current severity is low because I wasn't able to read sensitive files.

Reproduce

Login as an editor or any user with access to "Edit website" functionality.

Open the following endpoint: http://127.0.0.1/vadmin123/index.php?module=editor/editor&url=/&template=index.html

Change the path to this: http://127.0.0.1/vadmin123/index.php?module=editor/editor&url=index.html

This will allow you to open files located at the following server path: /var/www/html/public/admin/default

I found this file by searching for a keyword I had found on index.html [editor/editor&url=index.html]:

    find . -type f -exec grep -l 'Vvveb 0.2 is now available!' {} +

This directory contains the following files:

    /var/www/html/public/admin/default # ls -la
    total 448
    drwx-wx-wx 22 www-data www-data  4096 Jan  3 14:56 .
    drwx-wx-wx  3 www-data www-data  4096 Jan  3 14:57 ..
    -rwx-wx-wx  1 www-data www-data 10173 Jan  3 14:56 LICENSE
    -rwx-wx-wx  1 www-data www-data  5378 Jan  3 14:56 README.md
    drwx-wx-wx  2 www-data www-data  4096 Jan  3 14:56 admin
    drwx-wx-wx  3 www-data www-data  4096 Jan  3 14:56 content
    drwx-wx-wx  2 www-data www-data  4096 Jan  3 14:56 css
    drwx-wx-wx  2 www-data www-data  4096 Jan  3 14:56 editor
    drwx-wx-wx  4 www-data www-data  4096 Jan  3 14:56 email
    -rwx-wx-wx  1 www-data www-data 73835 Jan  3 14:56 error403.html
    -rwx-wx-wx  1 www-data www-data 73408 Jan  3 14:56 error404.html
    -rwx-wx-wx  1 www-data www-data 74142 Jan  3 14:56 error500.html
    -rwx-wx-wx  1 www-data www-data  3150 Jan  3 14:56 favicon.ico
    drwx-wx-wx  2 www-data www-data  4096 Jan  3 14:56 field
    drwx-wx-wx  2 www-data www-data  4096 Jan  3 14:56 fields

You can open files for reading. I was able to read package.json: http://127.0.0.1/vadmin123/index.php?module=editor/editor&url=package.json

Some old files like systeminfo.html may provide information about old configuration used by the web app: http://127.0.0.1/vadmin123/index.php?module=editor/editor&url=tools/systeminfo.html
Source: https://hkohi.ca/vulnerability/10
User: 0xHamy (UID 88518)
Submitted: 29/07/2025 08:21 PM (9 months ago)
Moderation: 04/08/2025 08:27 AM (6 days later)
Status: Approved
VulDB Entry: 318645 [givanz Vvveb up to 1.0.5 Drag-and-Drop Editor editor url information disclosure]
Points: 20
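As an added example (not Vvveb's own code, nor the reporter's), the check a defender would put in front of a template-file read like the editor endpoint described in this submission: resolve the requested name against the allow-listed template directory and refuse anything whose real path lands elsewhere, such as a stale admin/default tree left behind by an older install. The directory layout, ALLOWED_SUFFIXES and sample files are assumptions constructed for the demonstration.

```python
"""Confine editor file reads to one allowed directory (added example, not
Vvveb's own code; ALLOWED_SUFFIXES and the layout are assumptions)."""
import os
import tempfile

ALLOWED_SUFFIXES = (".html", ".css", ".js")  # assumption: what the editor serves


class PathEscape(ValueError):
    """Raised when a requested path resolves outside the allowed base."""


def resolve_template_path(base_dir: str, requested: str) -> str:
    """Return the real path for `requested` only if it stays inside base_dir."""
    base = os.path.realpath(base_dir)
    # Reject absolute paths and NUL bytes before joining them onto the base.
    if "\x00" in requested or os.path.isabs(requested):
        raise PathEscape(f"rejected request: {requested!r}")
    candidate = os.path.realpath(os.path.join(base, requested))
    # commonpath avoids the "/base" vs "/basement" string-prefix trap.
    if os.path.commonpath([base, candidate]) != base:
        raise PathEscape(f"path escapes base: {requested!r}")
    if not candidate.endswith(ALLOWED_SUFFIXES):
        raise PathEscape(f"file type not permitted: {requested!r}")
    if not os.path.isfile(candidate):
        raise FileNotFoundError(candidate)
    return candidate


def demo() -> dict:
    """Build a constructed directory layout and classify sample requests."""
    root = tempfile.mkdtemp()
    templates = os.path.join(root, "templates", "default")
    legacy = os.path.join(root, "admin", "default")  # stale files from an old install
    os.makedirs(templates)
    os.makedirs(legacy)
    for d, name in ((templates, "index.html"), (legacy, "package.json"),
                    (legacy, "index.html")):
        with open(os.path.join(d, name), "w") as fh:
            fh.write("constructed sample\n")
    results = {}
    for req in ("index.html", "../../admin/default/package.json",
                "../../admin/default/index.html", "/etc/hostname"):
        try:
            resolve_template_path(templates, req)
            results[req] = "allowed"
        except (PathEscape, FileNotFoundError) as exc:
            results[req] = type(exc).__name__
    return results
```

Only the template inside the allow-listed directory is served; the stale copies under admin/default and any absolute path are refused before a file is opened.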
