.. / CVE-2015-3648

Exploit for ResourceSpace - Local File inclusion (CVE-2015-3648)

Description:

ResourceSpace is prone to a local file-inclusion vulnerability because it fails to sufficiently sanitize user-supplied input.

Nuclei Template

View the template here CVE-2015-3648.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2015/CVE-2015-3648.yaml

References:

https://nvd.nist.gov/vuln/detail/CVE-2015-3648
http://svn.montala.com/websvn/revision.php?repname=ResourceSpace&path=%2F&rev=6640&peg=6738
https://github.com/ARPSyndicate/kenzer-templates
http://packetstormsecurity.com/files/132142/ResourceSpace-7.1.6513-Local-File-Inclusion.html
https://vulners.com/cve/CVE-2015-3648/