The manipulation of the argument activepath leads to absolute path traversal. Affected by this vulnerability is an unknown functionality of the file /include/dialog/select_templets_post.php. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Ī vulnerability has been found in DedeCMS up to 5.7.100 and classified as critical. VDB-240238 is the identifier assigned to this vulnerability. The exploit has been disclosed to the public and may be used. The exploitation appears to be difficult. The complexity of an attack is rather high. The manipulation leads to path traversal. This vulnerability affects unknown code of the file /userLogin.asp of the component Config File Handler.
Affected by this issue is the function handleFileRequest of the file src/main/java/com/feihong/ldap/HTTPServer.java. The identifier of this vulnerability is VDB-241028.Ī vulnerability was found in WhiteHSBG JNDIExploit 1.4 on Windows. The attack needs to be initiated within the local network. The manipulation of the argument full leads to path traversal. Affected by this issue is some unknown functionality of the file /rest/dir/. A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause tampering of files on the personal computer running C-Bus when using the File Command.Ī vulnerability was found in SATO CL4NX-J Plus 1.13.2-u455_r2.
0 kommentar(er)
