Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Webbdesign SL-Studio - Local File Inclusion

By kannthu

Vidoc logoVidoc Module

What is "Webbdesign SL-Studio - Local File Inclusion?"

The "Webbdesign SL-Studio - Local File Inclusion" module is designed to detect a vulnerability in the Webbdesign SL-Studio software. This vulnerability is classified as CWE-22 and has a severity level of high (CVSS Score: 7.5). The module aims to identify instances where the software is susceptible to local file inclusion attacks.

Author: 0x_Akoko


A successful local file inclusion attack on Webbdesign SL-Studio can allow an attacker to access sensitive files on the server. This can lead to unauthorized disclosure of sensitive information, such as system files or user credentials. It is crucial to address this vulnerability to prevent potential data breaches and unauthorized access.

How does the module work?

The module sends an HTTP GET request to the target URL with a specific parameter that includes a path traversal sequence. For example:


The module then applies matching conditions to the response received from the server. In this case, it checks if the response contains the string "root:[x*]:0:0" (indicating the presence of the root user in the /etc/passwd file) and if the HTTP status code is 200 (indicating a successful response).

If both conditions are met, the module reports a vulnerability, indicating that the target is vulnerable to local file inclusion.


Metadata: max-request: 1, google-query: [empty]

Module preview

Concurrent Requests (1)
1. HTTP Request template
Matching conditions
regex: root:[x*]:0:0and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability