cve/2019/CVE-2019-14312.md

CVE-2019-14312

Description

Aptana Jaxer 1.0.3.4547 is vulnerable to a local file inclusion vulnerability in the wikilite source code viewer. This vulnerability allows a remote attacker to read internal files on the server via a tools/sourceViewer/index.html?filename=../ URI.

POC

Reference

• http://packetstormsecurity.com/files/153985/Aptana-Jaxer-1.0.3.4547-Local-File-Inclusion.html

Github

• https://github.com/ARPSyndicate/kenzer-templates
• https://github.com/d4n-sec/d4n-sec.github.io