.. / CVE-2020-25540

Exploit for ThinkAdmin 6 - Local File Inclusion (CVE-2020-25540)

Description:

ThinkAdmin version 6 is affected by a local file inclusion vulnerability because an unauthorized attacker can read arbitrary files on a remote server via GET request encode parameter.

Nuclei Template

View the template here CVE-2020-25540.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2020/CVE-2020-25540.yaml

References:

https://github.com/zoujingli/ThinkAdmin/issues/244
http://packetstormsecurity.com/files/159177/ThinkAdmin-6-Arbitrary-File-Read.html
https://wtfsec.org/posts/thinkadmin-v6-%E5%88%97%E7%9B%AE%E5%BD%95-%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E8%AF%BB%E5%8F%96/
https://nvd.nist.gov/vuln/detail/CVE-2020-25540
https://www.exploit-db.com/exploits/48812

.. / CVE-2020-25540 if(localStorage["style"]=="true"){ document.getElementById('pagestyle').setAttribute('href','/assets/styleDark.css'); document.querySelector('input[type="checkbox"]').checked = true }

Exploit for ThinkAdmin 6 - Local File Inclusion (CVE-2020-25540)

Description:

Nuclei Template

Validate with Nuclei

.. / CVE-2020-25540