Exploitation Summary
EIP tracks 1 public exploit for CVE-2009-2229. PoCs published by S(r1pt.
AI-analyzed exploit summary: This exploit demonstrates a directory traversal vulnerability in Kasseler CMS via the 'file' parameter in engine.php, allowing unauthorized file disclosure. It also includes an XSS vulnerability via the 'url' parameter in the redirect function.
Description
Directory traversal vulnerability in engine.php in Kasseler CMS 1.3.5 lite allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter during a download action, a different vector than CVE-2008-3087. NOTE: some of these details are obtained from third party information.