CVE-2012-1669
published 2014-11-17CVE-2012-1669: Directory traversal vulnerability in index.php in phpMoneyBooks before 1.0.3 allows remote attackers to include and execute arbitrary local files via a .. (dot…
PriorityP335medium4.3CVSS 2.0
AVNACMAuNCPINAN
EXPLOIT
EPSS
3.52%
87.8th percentile
Directory traversal vulnerability in index.php in phpMoneyBooks before 1.0.3 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the module parameter.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| phpmoneybooks | phpmoneybooks | <= 1.0.2 | — |
| phpmoneybooks | phpmoneybooks | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-p4cj-m8w9-cg7q: Directory traversal vulnerability in index
ghsa_unreviewed·2022-05-17·CVSS 4.3
CVE-2012-6665 [MEDIUM] CWE-22 GHSA-p4cj-m8w9-cg7q: Directory traversal vulnerability in index
Directory traversal vulnerability in index.php in phpMoneyBooks 1.0.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter, a different vulnerability than CVE-2012-1669. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: this issue might have been fixed in 1.0.3.
GHSA
GHSA-v44r-5c6g-966j: Directory traversal vulnerability in index
ghsa_unreviewed·2022-05-17
CVE-2012-1669 [MEDIUM] CWE-22 GHSA-v44r-5c6g-966j: Directory traversal vulnerability in index
Directory traversal vulnerability in index.php in phpMoneyBooks before 1.0.3 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the module parameter.
No detection rules found.
No writeups or analysis indexed.
http://osvdb.org/80101http://packetstormsecurity.com/files/111114/phpMoneyBooks-1.0.2-Local-File-Inclusion.htmlhttp://seclists.org/fulldisclosure/2012/Mar/259http://sourceforge.net/projects/phpmoneybooks/files/Changelog.TXT/downloadhttp://www.exploit-db.com/exploits/18648http://www.securityfocus.com/archive/1/522058http://www.securityfocus.com/bid/52532http://osvdb.org/80101http://packetstormsecurity.com/files/111114/phpMoneyBooks-1.0.2-Local-File-Inclusion.htmlhttp://seclists.org/fulldisclosure/2012/Mar/259http://sourceforge.net/projects/phpmoneybooks/files/Changelog.TXT/downloadhttp://www.exploit-db.com/exploits/18648http://www.securityfocus.com/archive/1/522058http://www.securityfocus.com/bid/52532
2014-11-17
Published