PT-2019-19347 · Php Scripts Mall · Php Scripts Mall Cab Booking Script

Aniket Dinda

Published

2019-02-23

Updated

2019-02-25

CVE-2019-9064

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions PHP Scripts Mall Cab Booking Script version 1.0.3

Description The issue allows Directory Traversal into the parent directory of a jpg or png file.

Recommendations For PHP Scripts Mall Cab Booking Script version 1.0.3, consider restricting access to sensitive directories to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

Exploit

Fix

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-22

Related Identifiers

CVE-2019-9064

Affected Products

Php Scripts Mall Cab Booking Script

PT-2019-19347 · Php Scripts Mall · Php Scripts Mall Cab Booking Script

CVE-2019-9064

Weakness Enumeration

Related Identifiers

Affected Products

References · 3