返回 CVE 浏览器

CVE-2019-9064

MEDIUM

5.3

CVSS Severity Score

EPSS Score0.1270%

EPSS Percentile43.72th

Published2019年2月23日

Last Modified2024年11月21日

Vulnerability Description

PHP Scripts Mall Cab Booking Script 1.0.3 allows Directory Traversal into the parent directory of a jpg or png file.

Affected Platforms (CPE)

📦

Cab Booking Script Project

Cab Booking Script

= 1.0.3

References & Advisories

🔗 https://hackingvila.wordpress.com/2019/02/18/directory-traveler-or-path-traveler-vulnerability-in-cab-booking-script-php-script-mall/

🔗 https://hackingvila.wordpress.com/2019/02/18/directory-traveler-or-path-traveler-vulnerability-in-cab-booking-script-php-script-mall/

相关漏洞威胁

CVE-2017-176019.8

Cab Booking Script 1.0 has SQL Injection via the /service-list city parameter.

CVE-2019-1151010.0

In Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an unauthenticated rem...

CVE-2019-186710.0

A vulnerability in the REST API of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker to bypa...

CVE-2019-1341110.0

An “invalid command” handler issue was discovered in HiNet GPON firmware < I040GWR190731. It allows an attacker to execute arbitra...