CVE-2014-5258

Directory traversal vulnerability in showTempFile.php in webEdition CMS before 6.3.9.0 Beta allows remote authenticated users to read arbitrary files via a .. (dot dot) in the file parameter.
Configurations

Configuration 1 (hide)

cpe:2.3:a:webedition:webedition_cms:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2014-11-06 18:55

Updated : 2024-02-04 18:35


NVD link : CVE-2014-5258

Mitre link : CVE-2014-5258

CVE.ORG link : CVE-2014-5258


JSON object : View

Products Affected

webedition

  • webedition_cms
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')