cve/2022/CVE-2022-1119.md

### [CVE-2022-1119](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1119)
![](https://img.shields.io/static/v1?label=Product&message=Simple%20File%20List&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%203.2.7%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-22%20Improper%20Limitation%20of%20a%20Pathname%20to%20a%20Restricted%20Directory%20('Path%20Traversal')&color=brighgreen)

### Description

The Simple File List WordPress plugin is vulnerable to Arbitrary File Download via the eeFile parameter found in the ~/includes/ee-downloader.php file due to missing controls which makes it possible unauthenticated attackers to supply a path to a file that will subsequently be downloaded, in versions up to and including 3.2.7.

### POC

#### Reference
- https://docs.google.com/document/d/1qIZXTzEpI4tO6832vk1KfsSAroT0FY2l--THlhJ8z3c/edit
- https://docs.google.com/document/d/1qIZXTzEpI4tO6832vk1KfsSAroT0FY2l--THlhJ8z3c/edit
- https://wpscan.com/vulnerability/075a3cc5-1970-4b64-a16f-3ec97e22b606
- https://wpscan.com/vulnerability/075a3cc5-1970-4b64-a16f-3ec97e22b606

#### Github
- https://github.com/0day404/vulnerability-poc
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ARPSyndicate/kenzer-templates
- https://github.com/ArrestX/--POC
- https://github.com/KayCHENvip/vulnerability-poc
- https://github.com/Miraitowa70/POC-Notes
- https://github.com/NaInSec/CVE-PoC-in-GitHub
- https://github.com/SYRTI/POC_to_review
- https://github.com/Threekiii/Awesome-POC
- https://github.com/W01fh4cker/Serein
- https://github.com/WhooAmii/POC_to_review
- https://github.com/d4n-sec/d4n-sec.github.io
- https://github.com/k0mi-tg/CVE-POC
- https://github.com/manas3c/CVE-POC
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/trhacknon/Pocingit
- https://github.com/whoforget/CVE-POC
- https://github.com/youwizard/CVE-POC
- https://github.com/z92g/CVE-2022-1119
- https://github.com/zecool/cve