CVE-2018-25184
Local File Inclusion in Surreal ToDo 0.6.1.2 Allows File Disclosure
Publication date: 2026-03-06
Last updated on: 2026-03-06
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| surreal | todo | 0.6.1.2 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-22 | The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
[{'type': 'paragraph', 'content': 'Surreal ToDo version 0.6.1.2 contains a Local File Inclusion (LFI) vulnerability. This flaw allows an unauthenticated attacker to read arbitrary files on the server by manipulating the "content" parameter in the URL, specifically in the index.php file.'}, {'type': 'paragraph', 'content': 'By supplying directory traversal sequences (like ../../../../) through the content parameter, an attacker can access sensitive system files such as configuration and initialization files.'}, {'type': 'paragraph', 'content': 'For example, an attacker can send a crafted HTTP GET request to index.php with the content parameter set to a relative path to a file like Windows/win.ini, causing the server to include and display the contents of that file.'}] [1]
How can this vulnerability impact me? :
This vulnerability can lead to information disclosure by allowing attackers to read sensitive files on the server.
Access to configuration and initialization files can expose critical information such as credentials, system settings, or application logic.
If combined with other vulnerabilities, this information disclosure could facilitate further attacks like code execution or privilege escalation, increasing the risk to the affected system.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
[{'type': 'paragraph', 'content': 'This vulnerability can be detected by sending a crafted HTTP GET request to the vulnerable endpoint and checking if arbitrary files can be read via directory traversal sequences in the content parameter.'}, {'type': 'paragraph', 'content': 'For example, you can test the vulnerability by sending a request like:'}, {'type': 'list_item', 'content': 'GET /index.php?content=../../../../Windows/win.ini HTTP/1.1'}, {'type': 'paragraph', 'content': 'If the server responds with the contents of the specified file (e.g., win.ini), it confirms the presence of the local file inclusion vulnerability.'}, {'type': 'paragraph', 'content': 'You can use command-line tools such as curl or wget to perform this test. For example:'}, {'type': 'list_item', 'content': 'curl "http://TARGET/index.php?content=../../../../Windows/win.ini"'}, {'type': 'list_item', 'content': 'wget -qO- "http://TARGET/index.php?content=../../../../Windows/win.ini"'}] [1]
What immediate steps should I take to mitigate this vulnerability?
I don't know