Vulnerability CVE-2017-17992


Published: 2017-12-29   Modified: 2017-12-30

Description:
Biometric Shift Employee Management System allows Arbitrary File Download via directory traversal sequences in the index.php form_file_name parameter in a download_form action.

Type:

CWE-22

(Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'))

Vendor: Iwcnetwork
Product: Biometric shift employee management system 
Version: 4.0;

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None

 References:
https://github.com/d4wner/Vulnerabilities-Report/blob/master/Biometric-Shift-Employee-Management-System.md

Related CVE
CVE-2017-17995
Biometric Shift Employee Management System has XSS via the Last_Name parameter in an index.php?user=ajax request.
CVE-2017-17994
Biometric Shift Employee Management System has XSS via the criteria parameter in an index.php?user=competency_criteria request.
CVE-2017-17993
Biometric Shift Employee Management System has XSS via the amount parameter in an index.php?user=addition_deduction request.
CVE-2017-17991
Biometric Shift Employee Management System has XSS via the expense_name parameter in an index.php?user=expenses request.
CVE-2017-17990
Biometric Shift Employee Management System has CSRF via index.php in an edit_holiday action.
CVE-2017-17989
Biometric Shift Employee Management System has XSS via the index.php holiday_name parameter in an edit_holiday action.
CVE-2017-17876
Biometric Shift Employee Management System 3.0 allows remote attackers to bypass intended file-read restrictions via a user=download request with a pathname in the path parameter.

Copyright 2018, cxsecurity.com

 

Back to Top