Phreebooks 2.0 - Directory Traversal

2010-06-08T00:00:00
ID EDB-ID:13778
Type exploitdb
Reporter Gustavo Sorondo
Modified 2010-06-08T00:00:00

Description

Directory Traversal in Phreebooks v2.0. Webapps exploit for php platform

                                        
                                            Advisory Name: Directory Traversal in Phreebooks v2.0
Internal Cybsec Advisory Id:
Vulnerability Class: Directory Traversal
Release Date: 2010-05-26
Affected Applications: Phreebooks v2.0
Affected Platforms: Any running Phreebooks v2.0
Local / Remote: Remote
Severity: Medium – CVSS: 5 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
Researcher: Gustavo Sorondo
Vendor Status: N/A
Reference to Vulnerability Disclosure Policy: http://www.cybsec.com/vulnerability_policy.pdf
Vulnerability Description:
A vulnerability has been found in Phreebooks v2.0 which allows malicious people to access local files
by entering special characters in variables used to create file paths. The attackers use “../” sequences to
move up to root directory, thus permitting navigation through the file system.


Download:
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/13778.pdf (cybsec_advisory_2010_0601_Phreebooks_v2_0_Directory_Traversal.pdf)