7 matches found
DoliWamp jqueryFileTree.php Traversal Gather Credentials
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "DoliWamp 'jqueryFileTree.php' Traversal Gather Credentials", 'Description' = %q This module will extract user credentials from DoliWamp - a WAMP...
CVE-2017-1000234
I, Librarian version =4.6 & 4.7 is vulnerable to Directory Enumeration in the jqueryFileTree.php resulting in attacker enumerating directories simply by navigating through the "dir" parameter...
CVE-2017-1000234
I, Librarian version =4.6 & 4.7 is vulnerable to Directory Enumeration in the jqueryFileTree.php resulting in attacker enumerating directories simply by navigating through the "dir" parameter...
Design/Logic Flaw
I, Librarian version =4.6 & 4.7 is vulnerable to Directory Enumeration in the jqueryFileTree.php resulting in attacker enumerating directories simply by navigating through the "dir" parameter...
CVE-2017-1000234
CVE-2017-1000234 affects I, Librarian versions
CVE-2017-1000234
I, Librarian version =4.6 & 4.7 is vulnerable to Directory Enumeration in the jqueryFileTree.php resulting in attacker enumerating directories simply by navigating through the "dir" parameter...
DoliWamp 'jqueryFileTree.php' Traversal Gather Credentials
This module will extract user credentials from DoliWamp - a WAMP packaged installer distribution for Dolibarr ERP on Windows - versions 3.3.0 to 3.4.2 by hijacking a user's session. DoliWamp stores session tokens in filenames in the 'tmp' directory. A directory traversal vulnerability in...