CVE-2018-20631 - PHP Scripts Mall Website Seller Script 2.0.5 allows full Path Disclosure


******************************************
# Exploit Title: PHP Scripts Mall Website Seller Script 2.0.5 allows full Path Disclosure via a request for an arbitrary image URL such as a .png file.
# Date: 30.12.2018
# Site Title : BUSINESS SALE
# Vendor Homepage: https://www.phpscriptsmall.com/
# Vendor Product : https://www.phpscriptsmall.com/product/website-seller-script/
# Category: Web Application
# Version: 2.0.5
# Exploit Author: Vikas Chaudhary
# Contact: https://gkaim.com/contact-us/
# Web: https://gkaim.com/
# Published on: https://gkaim.com/cve-2018-15896-vikas-chaudhary/
# Tested on: Windows 10 -Firefox
# CVE: CVE-2018-20631

*******************************************
## VENDOR SUMMARY :- PHP Scripts Mall Pvt. Ltd. is a professional software selling portal offering a wide range of innovative PHP scripts. PHP Scripts Mall is a leading business and technology firm with a 12-year track record of completing and implementing numerous projects in various verticals and domains. It has 300 plus PHP scripts ready to buy.

## Vulnerability Description => A path traversal attack (also known as directory traversal) aims to access files and directories that are stored outside the web root folder. By manipulating variables that reference files with “dot-dot-slash (../)” sequences and their variations, or by using absolute file paths, it may be possible to access arbitrary files and directories stored on the file system, including application source code, configuration files and critical system files.
********************************************
Proof of Concept:-
————————–
1. Go to the vendor's product demo site. (http://www.officialwebsiteforsale.com/ )
2. Intercept the traffic with Burp Suite.
3. Find any URL that points to an image. Ex- http://www.officialwebsiteforsale.com/assets/images/admindash5852633905999.png
4. Copy that URL and open it in the browser.
5. Edit the URL from the end and the response reveals the whole path and directory structure of the server. Ex- http://www.officialwebsiteforsale.com/assets/fonts/
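The following Python script is an added example for site owners checking their own deployment, not code from the advisory author or from PHP Scripts Mall. It looks for the two symptoms the PoC above describes in saved HTTP responses: a server-generated directory listing for a directory URL such as /assets/fonts/, and an absolute server path (a PHP warning with the script path, or a Windows/Unix path in an error page). The host names and response bodies below are constructed for the example; the path patterns and the "Index of /" title are assumptions about what a typical Apache/PHP stack emits.

```python
"""Flag full-path-disclosure symptoms in HTTP response bodies (added example)."""
import re
from dataclasses import dataclass

_TAG = re.compile(r"<[^>]+>")
# Apache/nginx auto-index pages carry an "Index of /<dir>" title (assumption).
_DIR_INDEX = re.compile(r"<title>\s*Index of /", re.IGNORECASE)
# PHP errors shown with display_errors=On end in "in <script path> on line N".
_PHP_ERROR = re.compile(
    r"\b(?:Warning|Fatal error|Notice|Parse error)\b:.*?\bin\s+(\S+)\s+on\s+line\s+\d+",
    re.IGNORECASE | re.DOTALL)
# Windows drive paths (C:\xampp\htdocs\...) and Unix paths under common web roots.
_WIN_PATH = re.compile(r'[A-Za-z]:\\(?:[^\\\s<>"]+\\)+[^\\\s<>"]*')
_UNIX_PATH = re.compile(r'/(?:var/www|home|srv|usr/share|opt)(?:/[^\s<>"]+)+')


@dataclass(frozen=True)
class Finding:
    url: str
    kind: str       # "directory-listing", "php-error" or "absolute-path"
    evidence: str


def analyze_response(url: str, status: int, body: str) -> list:
    """Return the disclosure findings for one (url, status, body) triple."""
    findings = []
    if status == 200 and _DIR_INDEX.search(body):
        findings.append(Finding(url, "directory-listing", "<title>Index of /...</title>"))
    text = _TAG.sub("", body)          # strip HTML so paths split by <b> tags join up
    seen = set()
    for m in _PHP_ERROR.finditer(text):
        path = m.group(1)
        seen.add(path)
        findings.append(Finding(url, "php-error", path))
    for pat in (_WIN_PATH, _UNIX_PATH):
        for m in pat.finditer(text):
            path = m.group(0)
            if path not in seen:       # don't report the same path twice
                seen.add(path)
                findings.append(Finding(url, "absolute-path", path))
    return findings


def scan(responses) -> dict:
    """Group findings by URL; an empty list means the response leaked nothing."""
    report = {}
    for url, status, body in responses:
        report.setdefault(url, []).extend(analyze_response(url, status, body))
    return report


# Constructed sample responses (hosts and bodies are made up for this example).
SAMPLE_RESPONSES = [
    # Hardened server: directory URL answered with 403 and no path information.
    ("http://hardened.test/assets/fonts/", 403,
     "<html><head><title>403 Forbidden</title></head><body>Forbidden</body></html>"),
    # Directory indexing enabled: the listing exposes the directory contents.
    ("http://exposed.test/assets/fonts/", 200,
     "<html><head><title>Index of /assets/fonts</title></head>"
     '<body><h1>Index of /assets/fonts</h1><a href="a.ttf">a.ttf</a></body></html>'),
    # display_errors=On: a PHP warning embeds the absolute script path.
    ("http://exposed.test/index.php?page=x", 200,
     r"<b>Warning</b>: include(x.php): failed to open stream in "
     r"<b>C:\xampp\htdocs\seller\index.php</b> on line <b>12</b>"),
    # Custom 404 page that echoes the filesystem path of the missing file.
    ("http://exposed.test/assets/images/missing.png", 404,
     "<html><body><h1>404 Not Found</h1>"
     "<p>The file /var/www/html/assets/images/missing.png does not exist.</p></body></html>"),
]


if __name__ == "__main__":
    for url, findings in scan(SAMPLE_RESPONSES).items():
        print(url, "->", [(f.kind, f.evidence) for f in findings] or "clean")
```

Run it against responses captured from your own staging site (Burp's saved items or a crawler's output) and treat any non-empty entry as a configuration defect: the directory-listing case is fixed by disabling auto-indexing on the web server, and the path-in-error cases by turning off on-page error display in PHP and in custom error pages.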
*****************************************

Comment Please