CVE-2019-9622

2019-03-0705:00:00

mitre

www.cve.org

4.7 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.6%

JSON

eBrigade through 4.5 allows Arbitrary File Download via …/ directory traversal in the showfile.php file parameter, as demonstrated by reading the user-data/save/backup.sql file.

References

pentest.com.tr/exploits/Brigade-ERP-4-5-Database-Backup-Disclosure-via-AFD.html

sourceforge.net/p/ebrigade/code/5912/

www.exploit-db.com/exploits/46109