Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/mbadanoiu/cve-2020-12640

CVE-2020-12640: Local PHP File Inclusion via "Plugin Value" in Roundcube Webmail
https://github.com/mbadanoiu/cve-2020-12640

0-day cve cve-2020-12640 cves local-file-inclusion path-traversal

Last synced: 2 days ago
JSON representation

CVE-2020-12640: Local PHP File Inclusion via "Plugin Value" in Roundcube Webmail

Host: GitHub
URL: https://github.com/mbadanoiu/cve-2020-12640
Owner: mbadanoiu
Created: 2024-04-13T15:37:14.000Z (7 months ago)
Default Branch: main
Last Pushed: 2024-04-13T15:41:40.000Z (7 months ago)
Last Synced: 2024-04-14T06:57:01.663Z (7 months ago)
Topics: 0-day, cve, cve-2020-12640, cves, local-file-inclusion, path-traversal
Homepage:
Size: 198 KB
Stars: 0
Watchers: 1
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

# CVE-2020-12640: Local PHP File Inclusion via "Plugin Value" in Roundcube Webmail

A Path Traversal vulnerability exists in Roundcube versions before 1.4.4, 1.3.11 and 1.2.10.

Because the "\_plugins\_" parameters do not perform sanitization/input filtering, an attacker with access to the Roundcube Installer can leverage a path traversal vulnerability to include arbitrary PHP files on the local system.

### Vendor Disclosure:

The vendor's disclosure and fix for this vulnerability can be found [here](https://roundcube.net/news/2020/04/29/security-updates-1.4.4-1.3.11-and-1.2.10).

### Requirements:

This vulnerability requires:

- Access to the Roundcube Webmail installer component
- Write access to the target's filesystem

### Proof Of Concept:

More details and the exploitation process can be found in this [PDF](https://github.com/mbadanoiu/CVE-2020-12640/blob/main/Roundcube%20Disclosures%20-%20CVE-2020-12640.pdf).