mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-07 03:02:30 +00:00
730 B
730 B
CVE-2019-9622
Description
eBrigade through 4.5 allows Arbitrary File Download via ../ directory traversal in the showfile.php file parameter, as demonstrated by reading the user-data/save/backup.sql file.
POC
Reference
- https://pentest.com.tr/exploits/Brigade-ERP-4-5-Database-Backup-Disclosure-via-AFD.html
- https://www.exploit-db.com/exploits/46109
Github
No PoCs found on GitHub currently.