bludit cms

Interesting Files

# usually in /var/www/html/bludit-x.x.x/
<bludit-path>/bl-content/databases/users.php

Version Check

Check for CSS hrefs

<!-- Include Bootstrap CSS file bootstrap.css -->
<link rel="stylesheet" type="text/css" href="http://10.10.10.191/bl-kernel/css/bootstrap.min.css?version=3.9.2">

Auth Bruteforce Bypass v3.9.2

https://www.exploit-db.com/exploits/48942

Directory Traversal v3.9.2

https://www.exploit-db.com/exploits/48701

RCE v3.9.2

https://github.com/noroh4xy/CVE-2019-16113/blob/main/poc.py