CVE-2009-2333

CMS Chainuk < 1.2 - Path Traversal and Arbitrary File Execution via Menu Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-2333. PoCs published by eLwaux.

AI-analyzed exploit summary The exploit demonstrates multiple vulnerabilities in CMS Chainuk <= v1.2, including Local File Inclusion (LFI), arbitrary file deletion, XSS, and remote code execution (RCE) via file inclusion and PHP code injection. The PoC provides specific exploit paths and payloads for each vulnerability.

Description

Multiple directory traversal vulnerabilities in CMS Chainuk 1.2 and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the menu parameter to admin/admin_menu.php, and the id parameter to (2) index.php and (3) admin/admin_edit.php; and (4) delete arbitrary local files via a .. (dot dot) in the id parameter to admin/admin_delete.php. NOTE: vector 2 can be leveraged for static code injection by sending a crafted menu parameter to admin/admin_menu.php, and then sending an id=../menu.csv request to index.php.

Exploits (1)

exploitdb WORKING POC VERIFIED

by eLwaux · textwebappsphp

https://www.exploit-db.com/exploits/9069

View Code ZIP pw:eip

The exploit demonstrates multiple vulnerabilities in CMS Chainuk <= v1.2, including Local File Inclusion (LFI), arbitrary file deletion, XSS, and remote code execution (RCE) via file inclusion and PHP code injection. The PoC provides specific exploit paths and payloads for each vulnerability.

Classification

Working Poc 95%

Attack Type

Rce | Lfi | Xss | Info Leak

Complexity

Trivial

Reliability

Reliable

Target: CMS Chainuk <= v1.2

No auth needed

Prerequisites: Access to the target web application · PHP execution environment

MITRE ATT&CK