This repository was archived by the owner on Oct 8, 2024. It is now read-only.
This repository was archived by the owner on Oct 8, 2024. It is now read-only.
Local File Inclusion (LFI) Vulnerability in Augmend #17
Description
Hello Team,
A Local File Inclusion (LFI) vulnerability was discovered in the Augmend. This type of vulnerability allows an attacker to include files from the web server by manipulating the URL or input fields, potentially leading to the exposure of sensitive information and system compromise.
Vulnerability Details:
"https://augmend.com/static/js/..%2f..%2f..%2f..%2f..%2f..%2f%65%74%63%2f%70%61%73%73%77%64"
The discovered LFI vulnerability allows an attacker to traverse the file system of the web server and access files such as /etc/passwd, which contains user account information.
Best Regards,
Abdulali AlDurazi