5 matches found
Phreebooks 2.0 - Local File Inclusion
涉及文件: /index.php php //initialize our variables, set module to login if not logged in require'includes/applicationtop.php'; 在代码处理开始之前会加载 includes/applicationtop.php 进行一些初始化操作。 涉及文件: /includes/applicationtop.php 131-140行 php // set the language if isset$GET'language' $SESSION'language' =...
Phreebooks 2.0 - Multiple Permanent Cross-site Scripting
No description provided by source...
Phreebooks 2.0 - Directory Traversal
No description provided by source...
PhreeBooks Multiple HTML-Injection and Local File Include Vulnerabilities
PhreeBooks is prone to multiple local file-include vulnerabilities and multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include vulnerabilities using directory-traversal strings to view files and execute loca...
Phreebooks 2.0 - Directory Traversal
Advisory Name: Directory Traversal in Phreebooks v2.0 Internal Cybsec Advisory Id: Vulnerability Class: Directory Traversal Release Date: 2010-05-26 Affected Applications: Phreebooks v2.0 Affected Platforms: Any running Phreebooks v2.0 Local / Remote: Remote Severity: Medium – CVSS: 5...