########################## WwW.BugReport.ir
###########################################
###################################################################################
####################
Quote from vendor: CMME means "Content Management Made Easy". It is a
web content management system that is easy to use, doesn't have a lot
of requirements
and allows for reasonable flexibility.
####################
There are multiple vulnerabilities in CMME , which can be exploited by
malicious people to disclose potentially sensitive information.
these can be exploited to read the contents of data files on the
server via a specially crafted URL, without requiring a valid login.
±->Users Information Disclosure (Including MD5 Hashes)
POC: http://example.com/cmme/data/admin/users
±->Server Informaion (phpinfo)
POC: http://example.com/cmme/info.php
±->The Last generated server backup
POC: http://example.com/cmme/backup/cmme_data.zip
####################
Restrict and grant only trusted users access to the resources.
####################