Dolibarr ERP/CRM 3.2 Alpha – Multiple Directory Traversal Vulnerabilities

• Exploit Database
• 20 阅读

• 作者： Benjamin Kunz Mejri
  日期： 2012-02-22
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/36873/

• source: https://www.securityfocus.com/bid/52113/info
  
  Dolibarr is prone to multiple directory-traversal vulnerabilities because it fails to sufficiently sanitize user-supplied input.
  
  Exploiting the issues can allow an attacker to obtain sensitive information that could aid in further attacks.
  
  Dolibarr 3.2.0 Alpha is vulnerable; other versions may also be affected.
  
  http://www.example.com/document.php?modulepart=project&file=../[FILE INCLUDE VULNERABILITY!]