.. / CVE-2023-34598

Exploit for Gibbon v25.0.0 - Local File Inclusion (CVE-2023-34598)

Description:

Gibbon v25.0.0 is vulnerable to a Local File Inclusion (LFI) vulnerability where it’s possible to include the content of several files present in the installation folder in the server’s response.

Nuclei Template

View the template here CVE-2023-34598.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2023/CVE-2023-34598.yaml
Copy

References:

https://nvd.nist.gov/vuln/detail/CVE-2023-34598
https://twitter.com/shaybt12/status/1673612503547355137?s=20
https://github.com/komodoooo/Some-things
https://github.com/maddsec/CVE-2023-34598
https://github.com/izj007/wechat