CyberSec.Space Logo
Back to CVE Browser

CVE-2019-9064

MEDIUM
5.3
CVSS Severity Score
EPSS Score0.1270%
EPSS Percentile43.72th
PublishedFeb 23, 2019
Last ModifiedNov 21, 2024

Vulnerability Description

PHP Scripts Mall Cab Booking Script 1.0.3 allows Directory Traversal into the parent directory of a jpg or png file.

Affected Platforms (CPE)

📦
Cab Booking Script Project

Cab Booking Script

= 1.0.3

References & Advisories

🔗 https://hackingvila.wordpress.com/2019/02/18/directory-traveler-or-path-traveler-vulnerability-in-cab-booking-script-php-script-mall/
🔗 https://hackingvila.wordpress.com/2019/02/18/directory-traveler-or-path-traveler-vulnerability-in-cab-booking-script-php-script-mall/

Related Vulnerabilities

CVE-2017-176019.8

Cab Booking Script 1.0 has SQL Injection via the /service-list city parameter.

CVE-2019-390510.0

Zoho ManageEngine ADSelfService Plus 5.x before build 5703 has SSRF.

CVE-2019-002010.0

Juniper ATP ships with hard coded credentials in the Web Collector instance which gives an attacker the ability to take full contr...

CVE-2019-002210.0

Juniper ATP ships with hard coded credentials in the Cyphort Core instance which gives an attacker the ability to take full contro...