SeoToaster Ecommerce Local File Inclusion Vulnerability

A local file inclusion vulnerability has been identified in SeoToaster Ecommerce version 3.0.0. This vulnerability allows authenticated attackers to read arbitrary files by manipulating path parameters in backend theme endpoints. Exploitation involves sending POST requests to either '/backend/backend_theme/editcss/' or '/backend/backend_theme/editjs/' with directory traversal sequences in the 'getcss' or 'getjs' parameters, respectively.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive files on the server, potentially including configuration files or other data that could be used for further attacks.

Reproduction

To reproduce this vulnerability, an authenticated user can send a POST request to the '/backend/backend_theme/editcss/' or '/backend/backend_theme/editjs/' endpoint. The request must include a 'getcss' or 'getjs' parameter with a directory traversal payload, such as '../index.php', to retrieve the contents of the specified file.