CVE-2019-13063

Published: Sep 23, 2019Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

Within Sahi Pro 8.0.0, an attacker can send a specially crafted URL to include any victim files on the system via the script parameter on the Script_view page. This will result in file disclosure (i.e., being able to pull any file from the remote victim application). This can be used to steal and obtain sensitive config and other files. This can result in complete compromise of the application. The script parameter is vulnerable to directory traversal and both local and remote file inclusion.

Affected (1)

Products: Sahipro: Sahi Pro

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Sahipro Sahi Pro	Version 8.0.0

Related CWEs

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

References (4)

https://sahipro.com/downloads-archive/

Source: cve@mitre.org

Vendor Advisory

https://www.exploit-db.com/exploits/47062

Source: cve@mitre.org

ExploitThird Party AdvisoryVDB Entry

https://sahipro.com/downloads-archive/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://www.exploit-db.com/exploits/47062

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party AdvisoryVDB Entry

Timeline

No history available yet.