Lucene search
K

25 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 2:56 p.m.5 views

CVE-2019-25630

PhreeBooks ERP 5.2.3 contains an arbitrary file upload vulnerability in the Image Manager component that allows authenticated attackers to upload malicious files by submitting requests to the image upload endpoint. Attackers can upload PHP files through the imgFile parameter to the...

8.8CVSS6.3AI score0.00896EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/24 12:30 p.m.4 views

EUVD-2019-20033

PhreeBooks ERP 5.2.3 contains a remote code execution vulnerability in the image manager that allows authenticated attackers to upload and execute arbitrary PHP files by bypassing file extension controls. Attackers can upload malicious PHP files through the image manager endpoint and execute them...

8.8CVSS6.7AI score0.00798EPSS
Exploits1References5
NVD
NVD
added 2026/03/24 12:16 p.m.4 views

CVE-2019-25647

PhreeBooks ERP 5.2.3 contains a remote code execution vulnerability in the image manager that allows authenticated attackers to upload and execute arbitrary PHP files by bypassing file extension controls. Attackers can upload malicious PHP files through the image manager endpoint and execute them...

8.8CVSS0.00798EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/03/24 11:27 a.m.3 views

CVE-2019-25647 PhreeBooks ERP 5.2.3 Remote Code Execution via Image Manager

PhreeBooks ERP 5.2.3 contains a remote code execution vulnerability in the image manager that allows authenticated attackers to upload and execute arbitrary PHP files by bypassing file extension controls. Attackers can upload malicious PHP files through the image manager endpoint and execute them...

8.8CVSS6.7AI score0.00798EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/03/24 11:27 a.m.20 views

CVE-2019-25647 PhreeBooks ERP 5.2.3 Remote Code Execution via Image Manager

PhreeBooks ERP 5.2.3 contains a remote code execution vulnerability in the image manager that allows authenticated attackers to upload and execute arbitrary PHP files by bypassing file extension controls. Attackers can upload malicious PHP files through the image manager endpoint and execute them...

8.8CVSS0.00798EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/03/24 11:27 a.m.7 views

CVE-2019-25647

PhreeBooks ERP 5.2.3 contains a remote code execution vulnerability in the image manager that allows authenticated attackers to upload and execute arbitrary PHP files by bypassing file extension controls. Attackers can upload malicious PHP files through the image manager endpoint and execute them...

8.8CVSS6.7AI score0.00798EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2026/03/24 11:27 a.m.8 views

CVE-2019-25647

CVE-2019-25647 affects PhreeBooks ERP 5.2.3. A remote code execution vulnerability exists in the image manager that lets an authenticated attacker upload and execute arbitrary PHP files by bypassing file extension controls. Attackers can place malicious PHP files via the image manager endpoint an...

8.8CVSS6.7AI score0.00798EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/03/24 11:27 a.m.20 views

CVE-2019-25630 PhreeBooks ERP 5.2.3 Arbitrary File Upload via Image Manager

PhreeBooks ERP 5.2.3 contains an arbitrary file upload vulnerability in the Image Manager component that allows authenticated attackers to upload malicious files by submitting requests to the image upload endpoint. Attackers can upload PHP files through the imgFile parameter to the...

8.8CVSS0.00896EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/03/24 11:27 a.m.3 views

CVE-2019-25630 PhreeBooks ERP 5.2.3 Arbitrary File Upload via Image Manager

PhreeBooks ERP 5.2.3 contains an arbitrary file upload vulnerability in the Image Manager component that allows authenticated attackers to upload malicious files by submitting requests to the image upload endpoint. Attackers can upload PHP files through the imgFile parameter to the...

8.8CVSS6.3AI score0.00896EPSS
Exploits1References4
CVE
CVE
added 2026/03/24 11:27 a.m.9 views

CVE-2019-25630

PhreeBooks ERP 5.2.3 contains an arbitrary file upload vulnerability in the Image Manager. Authenticated attackers can upload PHP files via the imgFile parameter to bizuno/image/manager and trigger remote code execution through bizunoFS.php. This is a network-accessible issue with high impact on ...

8.8CVSS6.3AI score0.00896EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2026/03/24 12:0 a.m.7 views

PhreeSoft PhreeBooks ERP 跨站脚本漏洞

PhreeSoft PhreeBooks ERP is a business resource planning software provided by PhreeSoft Corporation, which offers enterprise financial management and business process handling functions. Version 5.2.3 of PhreeSoft PhreeBooks ERP contains a cross-site scripting vulnerability. This vulnerability...

8.8CVSS5.8AI score0.00896EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/03/24 12:0 a.m.6 views

PhreeSoft PhreeBooks ERP 代码问题漏洞

PhreeSoft PhreeBooks ERP is a business resource planning software provided by PhreeSoft Corporation, which offers enterprise financial management and business process handling functions. Version 5.2.3 of PhreeSoft PhreeBooks ERP contains a code vulnerability. This vulnerability stems from a remot...

8.8CVSS6.6AI score0.00798EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/03/24 12:0 a.m.9 views

PT-2026-27381

PhreeBooks ERP 5.2.3 contains a remote code execution vulnerability in the image manager that allows authenticated attackers to upload and execute arbitrary PHP files by bypassing file extension controls. Attackers can upload malicious PHP files through the image manager endpoint and execute them...

8.8CVSS6.7AI score0.00798EPSS
Exploits1References5
Packet Storm
Packet Storm
added 2021/02/05 12:0 a.m.304 views

PhreeBooks 5.2.3 Remote Code Execution

Exploit Title: PhreeBooks 5.2.3 - Remote Code Execution Date: 22 Jan 2021 Exploit Author: Kr0ff Vendor Homepage: https://www.phreesoft.com/ Software Link: https://sourceforge.net/projects/phreebooks/ Version: 5.2.3 Tested on: Windows Server 2016 !/usr/bin/env python3 ''' DESCRIPTION: - PhreeBooks...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/02/05 12:0 a.m.1708 views

PhreeBooks 5.2.3 ERP - Remote Code Execution (2)

Exploit Title: PhreeBooks 5.2.3 - Remote Code Execution Date: 22 Jan 2021 Exploit Author: Kr0ff Vendor Homepage: https://www.phreesoft.com/ Software Link: https://sourceforge.net/projects/phreebooks/ Version: 5.2.3 Tested on: Windows Server 2016 !/usr/bin/env python3 ''' DESCRIPTION: - PhreeBooks...

7.4AI score
Exploits0
0day.today
0day.today
added 2020/05/05 12:0 a.m.29 views

PhreeBooks ERP 5.2.5 - Remote Command Execution Vulnerability

Exploit for php platform in category web applications Exploit Title: PhreeBooks ERP 5.2.5 - Remote Command Execution Author: Besim ALTINOK Vendor Homepage: https://www.phreesoft.com/ Software Link: https://sourceforge.net/projects/phreebooks/ Version: v5.2.4, v5.2.5 Tested on: Xampp Credit: İsmai...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2020/05/05 12:0 a.m.104 views

PhreeBooks ERP 5.2.5 Remote Command Execution

Exploit Title: PhreeBooks ERP 5.2.5 - Remote Command Execution Date: 2020-05-01 Author: Besim ALTINOK Vendor Homepage: https://www.phreesoft.com/ Software Link: https://sourceforge.net/projects/phreebooks/ Version: v5.2.4, v5.2.5 Tested on: Xampp Credit: İsmail BOZKURT...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2019/04/03 12:0 a.m.62 views

PhreeBooks ERP 5.2.3 Arbitrary File Upload

PhreeBooks ERP v5.2.3 - Arbitrary File Upload Date: 03.04.2019 Exploit Author: Abdullah Çelebi Vendor Homepage: https://www.phreesoft.com/ Software Link: https://sourceforge.net/projects/phreebooks/files/latest/download Category: Webapps Version: 5.2.3 Tested on: WAMPP @Win Software description:...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2019/04/03 12:0 a.m.20 views

PhreeBooks ERP 5.2.3 - Remote Command Execution

PhreeBooks ERP 5.2.3 - Remote Command Execution Exploit Title: PhreeBooks ERP 5.2.3 - Remote Command Execution Date: 2010-04-03 Exploit Author: Metin Yunus Kandemir kandemir Vendor Homepage: https://www.phreesoft.com/ Software Link: https://sourceforge.net/projects/phreebooks/ Version: v5.2.3...

0.3AI score
Exploits0
0day.today
0day.today
added 2019/04/03 12:0 a.m.963 views

PhreeBooks ERP 5.2.3 - Remote Command Execution Exploit

Exploit for php platform in category web applications Exploit Title: PhreeBooks ERP 5.2.3 - Remote Command Execution Exploit Author: Metin Yunus Kandemir kandemir Vendor Homepage: https://www.phreesoft.com/ Software Link: https://sourceforge.net/projects/phreebooks/ Version: v5.2.3 Category:...

Exploits0
Rows per page
Query Builder