Описание
Directory traversal vulnerability in connector.php in the fckeditor2rc2 addon in DoceboLMS 2.0.4 allows remote attackers to list arbitrary files and directories via ".." sequences in the Type parameter in a GetFoldersAndFiles command.
Ссылки
- ExploitVendor Advisory
- Vendor Advisory
- ExploitVendor Advisory
- Exploit
- ExploitVendor Advisory
- Vendor Advisory
- ExploitVendor Advisory
- Exploit
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:docebolms:docebolms:2.0.4:*:*:*:*:*:*:*
EPSS
Процентиль: 93%
0.11257
Средний
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Directory traversal vulnerability in connector.php in the fckeditor2rc2 addon in DoceboLMS 2.0.4 allows remote attackers to list arbitrary files and directories via ".." sequences in the Type parameter in a GetFoldersAndFiles command.
EPSS
Процентиль: 93%
0.11257
Средний
5 Medium
CVSS2
Дефекты
NVD-CWE-Other