20 matches found
EUVD-2012-6509
Malware in sbrugna...
CVE-2012-6665
Directory traversal vulnerability in index.php in phpMoneyBooks 1.0.4 allows remote attackers to read arbitrary files via a .. dot dot in the file parameter, a different vulnerability than CVE-2012-1669. NOTE: the provenance of this information is unknown; the details are obtained solely from thi...
CVE-2012-6665
Directory traversal vulnerability in index.php in phpMoneyBooks 1.0.4 allows remote attackers to read arbitrary files via a .. dot dot in the file parameter, a different vulnerability than CVE-2012-1669. NOTE: the provenance of this information is unknown; the details are obtained solely from thi...
Directory traversal
Directory traversal vulnerability in index.php in phpMoneyBooks before 1.0.3 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the module parameter...
Directory traversal
Directory traversal vulnerability in index.php in phpMoneyBooks 1.0.4 allows remote attackers to read arbitrary files via a .. dot dot in the file parameter, a different vulnerability than CVE-2012-1669. NOTE: the provenance of this information is unknown; the details are obtained solely from thi...
CVE-2012-1669
Directory traversal vulnerability in index.php in phpMoneyBooks before 1.0.3 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the module parameter...
CVE-2012-6665
Directory traversal vulnerability in index.php in phpMoneyBooks 1.0.4 allows remote attackers to read arbitrary files via a .. dot dot in the file parameter, a different vulnerability than CVE-2012-1669. NOTE: the provenance of this information is unknown; the details are obtained solely from thi...
CVE-2012-1669
CVE-2012-1669 affects phpMoneyBooks via an LFI/Directory Traversal in index.php, where the module parameter enables local file inclusion. Exploitation relies on ../ path traversal (and a null-byte attack noted in PoC docs) to include arbitrary local files. Affected versions are before 1.0.3; reme...
CVE-2012-6665
CVE-2012-6665 represents a Local File Include (LFI) in phpMoneyBooks 1.0.4 where a directory-traversal attack is possible through the file parameter, allowing remote reading of arbitrary files due to improper validation of path inputs (dot-dot sequences). Public references corroborate a related i...
CVE-2012-1669
Directory traversal vulnerability in index.php in phpMoneyBooks before 1.0.3 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the module parameter...
phpMoneyBooks 1.0.2 - Local File Inclusion
涉及文件: /index.php 85-94L php else include'header.php'; if$GETfile=="" $GETfile="index.php"; iffileexists"modules/".$GETmodule."/".$GETfile include"modules/".$GETmodule."/".$GETfile; else echo "error"; 程序会根据传递的 $GETmodule 参数来动态加载程序的处理模块: include"modules/".$GETmodule."/".$GETfile;...
phpMoneyBooks 1.03 => Database Backup Disclosure Vulnerability
Exploit for php platform in category web applications Exploit Title: phpMoneyBooks 1.03 = Database Backup Disclosure Vulnerability Date: 30/6/2012 Author: GoLdM Vendor or Software Link: http://sourceforge.net/projects/phpmoneybooks/files/phpMoneyBooks103.zip/download Version: 1.03 Category::...
phpmoneybooks 1.03 Stored XSS
Exploit for php platform in category web applications Exploit Title: phpmoneybooks 1.03 Stored XSS Date: Jun 28, 2012 Exploit Author: chap0 - chap0.blogspot.com - @chap0 Vendor Homepage: http://phpmoneybooks.com/ Software Link:...
phpmoneybooks CSRF Vulnerability (Add Admin)
Exploit for php platform in category web applications phpmoneybooks CSRF Vulnerability Add Admin ==================================================================== .:. Author : AtT4CKxT3rR0r1ST email protected .:. Script : http://phpmoneybooks.com/ .:. Tested On Demo :...
'phpMoneyBooks' Local File Inclusion (CVE-2012-1669)
'phpMoneyBooks' Local File Inclusion CVE-2012-1669 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in index.php for module handling that allows for local file inclusion using a null-byte attack on the 'module' GET parameter...
phpMoneyBooks LFI
LFI in index.php Vulnerability Type: Local File Include For the exploit source code contact DSquare Security sales team...
phpMoneyBooks 1.0.2 Local File Inclusion
'phpMoneyBooks' Local File Inclusion CVE-2012-1669 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in index.php for module handling that allows for local file inclusion using a null-byte attack on the 'module' GET parameter...
phpMoneyBooks 1.0.2 - Local File Inclusion
'phpMoneyBooks' Local File Inclusion CVE-2012-1669 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in index.php for module handling that allows for local file inclusion using a null-byte attack on the 'module' GET parameter...
phpMoneyBooks 1.0.2 Local File Inclusion
Exploit for php platform in category web applications 'phpMoneyBooks' Local File Inclusion CVE-2012-1669 Mark Stanislav - email protected I. DESCRIPTION --------------------------------------- A vulnerability exists in index.php for module handling that allows for local file inclusion using a...
phpMoneyBooks 1.0.2 - Local File Inclusion
phpMoneyBooks 1.0.2 - Local File Inclusion 'phpMoneyBooks' Local File Inclusion CVE-2012-1669 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in index.php for module handling that allows for local file inclusion using a...