Directory traversal vulnerability in showTempFile.php in webEdition CMS before 6.3.9.0 Beta allows remote authenticated users to read arbitrary files via a .. (dot dot) in the file parameter.
References
Configurations
History
No history.
Information
Published : 2014-11-06 18:55
Updated : 2024-02-04 18:35
NVD link : CVE-2014-5258
Mitre link : CVE-2014-5258
CVE.ORG link : CVE-2014-5258
JSON object : View
Products Affected
webedition
- webedition_cms
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')