Description: Customer Support System 1.0 is vulnerable to Local File Inclusion. An authenticated user has the capability to access and read PHP files from the operating system by exploiting a Local File Inclusion (LFI) vulnerability through the wrapper filter.
Vulnerable Product Version: Customer Support System 1.0
CVE Author: Geraldo Alcântara
Date.: 28/11/2023
Confirmed on: 19/12/2023
CVE: CVE-2023-49544
Tested on: Windows
- Log in to the application with any user.
- Modify the vulnerable "page" parameter to exploit the vulnerability.
Payload: php://filter/convert.base64-encode/resource=C:\xampp\htdocs\customer_support\db_connect
Exploiting the vulnerability and retrieving the content of the PHP file in base64.
Reading the content of the file (Base64 decoded).
Discoverer(s)/Credits:
Geraldo Alcântara