CVE-2012-4997
AneCMS - Path Traversal and Arbitrary File Execution via ACP p Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2012-4997. PoCs published by I2sec-Jong Hwan Park.
AI-analyzed exploit summary This exploit demonstrates a Local File Inclusion (LFI) vulnerability in AneCMS v.2e2c583. The vulnerability arises from improper input validation in the 'p' parameter, allowing an attacker to include arbitrary local files via directory traversal sequences.
Description
Directory traversal vulnerability in acp/index.php in AneCMS allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the p parameter.
Exploits (1)
This exploit demonstrates a Local File Inclusion (LFI) vulnerability in AneCMS v.2e2c583. The vulnerability arises from improper input validation in the 'p' parameter, allowing an attacker to include arbitrary local files via directory traversal sequences.