58 matches found
CVE-2019-25630
PhreeBooks ERP 5.2.3 contains an arbitrary file upload vulnerability in the Image Manager component that allows authenticated attackers to upload malicious files by submitting requests to the image upload endpoint. Attackers can upload PHP files through the imgFile parameter to the...
EUVD-2019-20033
PhreeBooks ERP 5.2.3 contains a remote code execution vulnerability in the image manager that allows authenticated attackers to upload and execute arbitrary PHP files by bypassing file extension controls. Attackers can upload malicious PHP files through the image manager endpoint and execute them...
CVE-2019-25647
PhreeBooks ERP 5.2.3 contains a remote code execution vulnerability in the image manager that allows authenticated attackers to upload and execute arbitrary PHP files by bypassing file extension controls. Attackers can upload malicious PHP files through the image manager endpoint and execute them...
CVE-2019-25630
PhreeBooks ERP 5.2.3 contains an arbitrary file upload vulnerability in the Image Manager component that allows authenticated attackers to upload malicious files by submitting requests to the image upload endpoint. Attackers can upload PHP files through the imgFile parameter to the...
CVE-2019-25647 PhreeBooks ERP 5.2.3 Remote Code Execution via Image Manager
PhreeBooks ERP 5.2.3 contains a remote code execution vulnerability in the image manager that allows authenticated attackers to upload and execute arbitrary PHP files by bypassing file extension controls. Attackers can upload malicious PHP files through the image manager endpoint and execute them...
CVE-2019-25647
PhreeBooks ERP 5.2.3 contains a remote code execution vulnerability in the image manager that allows authenticated attackers to upload and execute arbitrary PHP files by bypassing file extension controls. Attackers can upload malicious PHP files through the image manager endpoint and execute them...
CVE-2019-25647 PhreeBooks ERP 5.2.3 Remote Code Execution via Image Manager
PhreeBooks ERP 5.2.3 contains a remote code execution vulnerability in the image manager that allows authenticated attackers to upload and execute arbitrary PHP files by bypassing file extension controls. Attackers can upload malicious PHP files through the image manager endpoint and execute them...
CVE-2019-25647
CVE-2019-25647 affects PhreeBooks ERP 5.2.3. A remote code execution vulnerability exists in the image manager that lets an authenticated attacker upload and execute arbitrary PHP files by bypassing file extension controls. Attackers can place malicious PHP files via the image manager endpoint an...
CVE-2019-25630
PhreeBooks ERP 5.2.3 contains an arbitrary file upload vulnerability in the Image Manager. Authenticated attackers can upload PHP files via the imgFile parameter to bizuno/image/manager and trigger remote code execution through bizunoFS.php. This is a network-accessible issue with high impact on ...
CVE-2019-25630
PhreeBooks ERP 5.2.3 contains an arbitrary file upload vulnerability in the Image Manager component that allows authenticated attackers to upload malicious files by submitting requests to the image upload endpoint. Attackers can upload PHP files through the imgFile parameter to the...
CVE-2019-25630 PhreeBooks ERP 5.2.3 Arbitrary File Upload via Image Manager
PhreeBooks ERP 5.2.3 contains an arbitrary file upload vulnerability in the Image Manager component that allows authenticated attackers to upload malicious files by submitting requests to the image upload endpoint. Attackers can upload PHP files through the imgFile parameter to the...
CVE-2019-25630 PhreeBooks ERP 5.2.3 Arbitrary File Upload via Image Manager
PhreeBooks ERP 5.2.3 contains an arbitrary file upload vulnerability in the Image Manager component that allows authenticated attackers to upload malicious files by submitting requests to the image upload endpoint. Attackers can upload PHP files through the imgFile parameter to the...
PhreeSoft PhreeBooks ERP 跨站脚本漏洞
PhreeSoft PhreeBooks ERP is a business resource planning software provided by PhreeSoft Corporation, which offers enterprise financial management and business process handling functions. Version 5.2.3 of PhreeSoft PhreeBooks ERP contains a cross-site scripting vulnerability. This vulnerability...
PhreeSoft PhreeBooks ERP 代码问题漏洞
PhreeSoft PhreeBooks ERP is a business resource planning software provided by PhreeSoft Corporation, which offers enterprise financial management and business process handling functions. Version 5.2.3 of PhreeSoft PhreeBooks ERP contains a code vulnerability. This vulnerability stems from a remot...
PT-2026-27381
PhreeBooks ERP 5.2.3 contains a remote code execution vulnerability in the image manager that allows authenticated attackers to upload and execute arbitrary PHP files by bypassing file extension controls. Attackers can upload malicious PHP files through the image manager endpoint and execute them...
CVE-2021-47904
PhreeBooks 5.2.3 contains an authenticated file upload vulnerability in the Image Manager that allows remote code execution. Attackers can upload a malicious PHP web shell by exploiting unrestricted file type uploads to gain command execution on the server...
CVE-2021-47904
PhreeBooks 5.2.3 contains an authenticated file upload vulnerability in the Image Manager that allows remote code execution. Attackers can upload a malicious PHP web shell by exploiting unrestricted file type uploads to gain command execution on the server...
CVE-2021-47904 PhreeBooks 5.2.3 - Remote Code Execution
PhreeBooks 5.2.3 contains an authenticated file upload vulnerability in the Image Manager that allows remote code execution. Attackers can upload a malicious PHP web shell by exploiting unrestricted file type uploads to gain command execution on the server...
CVE-2021-47904
CVE-2021-47904 affects PhreeBooks 5.2.3. An authenticated attacker can upload a malicious PHP web shell via the Image Manager’s unrestricted file-type uploads, enabling remote code execution on the server. Impact: remote code execution with high confidentiality, integrity, and availability implic...
CVE-2021-47904
PhreeBooks 5.2.3 contains an authenticated file upload vulnerability in the Image Manager that allows remote code execution. Attackers can upload a malicious PHP web shell by exploiting unrestricted file type uploads to gain command execution on the server...