ethercreative/seo

Possible remote file inclusion

mariohammel opened this issue · 0 comments

mariohammel commented

Description

Our hosting provider sends us a information about a RFI Exploit [P1419] on our webpage. I found the following snipped in a cached file (Craft Template Caching):

<meta property="og:url" content="https://example.com/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f../etc/passwd" />   
<meta name="twitter:url" content="https://example.com/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f../etc/passwd" />   
<link rel="canonical" href="https://dextra.ch/../../../../../../../../../../../../etc/passwd">

Is it possible to validate such parameters?

Steps to reproduce

  1. Open the craft website with the following query param: https://example.com?p=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f../etc/passwd
  2. View the page source.

Additional info

  • Craft version: Craft Pro 4.4.12
  • SEO version: 4.1.2
  • PHP version: 8.1.20