Описание
School ERP Pro 1.0 contains a file disclosure vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the 'document' parameter in download.php. Attackers can access sensitive configuration files by supplying directory traversal paths to retrieve system credentials and configuration information.
School ERP Pro 1.0 contains a file disclosure vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the 'document' parameter in download.php. Attackers can access sensitive configuration files by supplying directory traversal paths to retrieve system credentials and configuration information.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2020-37088
- https://web.archive.org/web/20190612111732/https://sourceforge.net/projects/school-erp-ultimate
- https://web.archive.org/web/20200129123503/http://arox.in
- https://www.exploit-db.com/exploits/48394
- https://www.vulncheck.com/advisories/school-erp-pro-arbitrary-file-read
Связанные уязвимости
School ERP Pro 1.0 contains a file disclosure vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the 'document' parameter in download.php. Attackers can access sensitive configuration files by supplying directory traversal paths to retrieve system credentials and configuration information.