Anchor CMS 0.12.3 - Error Log Exposure
ID: CVE-2018-7251
Severity: critical
Author: pdteam
Tags: cve,cve2018,anchorcms,logs,error,packetstorm
Description

Anchor CMS 0.12.3 is susceptible to an error log exposure vulnerability due to an issue in config/error.php. The error log is exposed at an errors.log URI, and contains MySQL credentials if a MySQL error (such as “Too many connections”) has occurred.
YAML Source

```yaml
id: CVE-2018-7251

info:
  name: Anchor CMS 0.12.3 - Error Log Exposure
  author: pdteam
  severity: critical
  description: |
    Anchor CMS 0.12.3 is susceptible to an error log exposure vulnerability due to an issue in config/error.php. The error log is exposed at an errors.log URI, and contains MySQL credentials if a MySQL error (such as "Too many connections") has occurred.
  impact: |
    An attacker can gain access to sensitive information, such as usernames, passwords, and system configuration details.
  remediation: |
    Upgrade to the latest version of Anchor CMS or apply the necessary patches to fix the error log exposure vulnerability.
  reference:
    - https://github.com/anchorcms/anchor-cms/issues/1247
    - https://twitter.com/finnwea/status/965279233030393856
    - http://packetstormsecurity.com/files/154723/Anchor-CMS-0.12.3a-Information-Disclosure.html
    - https://github.com/anchorcms/anchor-cms/releases/tag/0.12.7
    - https://nvd.nist.gov/vuln/detail/CVE-2018-7251
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2018-7251
    cwe-id: CWE-200
    epss-score: 0.06473
    epss-percentile: 0.93709
    cpe: cpe:2.3:a:anchorcms:anchor:0.12.3:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: anchorcms
    product: anchor
  tags: cve,cve2018,anchorcms,logs,error,packetstorm

http:
  - method: GET
    path:
      - '{{BaseURL}}/anchor/errors.log'

    matchers:
      - type: word
        words:
          - '"date":'
          - '"message":'
          - '"trace":['
        condition: and
```

Guide to check the vulnerabilities

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

```sh
$ nuclei -u "URL" -t "http/cves/2018/CVE-2018-7251.yaml"
```
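The following is an added example (not part of the Nuclei template or the Anchor CMS project) that reproduces the template's `word` matcher with its `and` condition on a response body, and adds a defender-side check over web server access logs to find successful fetches of `/anchor/errors.log`. The response body, the log-line shape and the IP addresses are constructed for illustration; the Combined Log Format regex and the helper names are assumptions.

```python
"""Mirror the CVE-2018-7251 Nuclei matcher and hunt access logs for exposure."""
import re
from typing import Iterable, List, Tuple

# Matcher words copied from the template's `matchers` block (condition: and).
TEMPLATE_WORDS = ['"date":', '"message":', '"trace":[']
ERROR_LOG_PATH = "/anchor/errors.log"  # path probed by the template


def word_matcher(body: str, words: List[str] = TEMPLATE_WORDS,
                 condition: str = "and") -> bool:
    """Evaluate a Nuclei-style `type: word` matcher on a response body."""
    hits = [w in body for w in words]
    return all(hits) if condition == "and" else any(hits)


# Apache/nginx Combined Log Format (assumed); trailing fields are ignored.
_ACCESS_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) ')


def exposed_log_hits(access_lines: Iterable[str]) -> List[Tuple[str, str]]:
    """Return (client_ip, timestamp) for 2xx responses serving errors.log.

    A 2xx here means the log file was actually handed out, which is the
    condition that turns a probe into a credential disclosure."""
    hits = []
    for line in access_lines:
        m = _ACCESS_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        path = m.group("path").split("?")[0]
        if path.endswith(ERROR_LOG_PATH) and m.group("status").startswith("2"):
            hits.append((m.group("ip"), m.group("ts")))
    return hits


# Constructed sample bodies (not real captures): one shaped like an exposed
# Anchor error log entry, one ordinary "not found" page.
SAMPLE_EXPOSED_BODY = ('{"date":"2018-02-18 10:00:00",'
                       '"message":"Too many connections","trace":[]}')
SAMPLE_404_BODY = "<html><body>Not Found</body></html>"

# Constructed access-log lines using documentation (RFC 5737) addresses.
SAMPLE_ACCESS_LOG = [
    '203.0.113.5 - - [18/Feb/2018:10:01:02 +0000] "GET /anchor/errors.log HTTP/1.1" 200 4821 "-" "nuclei"',
    '203.0.113.5 - - [18/Feb/2018:10:01:03 +0000] "GET /anchor/index.php HTTP/1.1" 200 1200 "-" "nuclei"',
    '198.51.100.9 - - [18/Feb/2018:10:05:00 +0000] "GET /anchor/errors.log HTTP/1.1" 404 210 "-" "curl"',
]

if __name__ == "__main__":
    print("template would match:", word_matcher(SAMPLE_EXPOSED_BODY))
    print("successful errors.log fetches:", exposed_log_hits(SAMPLE_ACCESS_LOG))
```

A 404 on the path (the third sample line) is a probe that failed, while a 2xx is the signal that the fix in Anchor CMS 0.12.7 or the equivalent web server rule is still missing.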