ProcessMaker <=3.5.4 - Local File Inclusion

ProcessMaker <=3.5.4 - Local File Inclusion

ProcessMaker <=3.5.4 - Local File Inclusion is a module that targets the ProcessMaker software. This module is designed to detect the vulnerability of local file inclusion in versions 3.5.4 and prior. The severity of this vulnerability is high.

Impact

The local file inclusion vulnerability in ProcessMaker <=3.5.4 can allow an attacker to include arbitrary files from the server's file system. This can lead to unauthorized access to sensitive information, such as configuration files, user credentials, or other sensitive data stored on the server.

How the module works?

The module sends an HTTP GET request to the target server, attempting to access the /../../../..//etc/passwd file. This file is commonly used to store user account information on Unix-based systems. The module then checks if the response contains the string "root:.*:0:0:" to determine if the file inclusion was successful. Additionally, it verifies that the HTTP response status is 200 to ensure the file is accessible.

This module is part of the Vidoc platform, which uses multiple modules to perform scanning. Each module represents a specific test case, and this module focuses on detecting the local file inclusion vulnerability in ProcessMaker <=3.5.4.