Описание
Absolute path traversal vulnerability in SugarCRM Sugar Community Edition 4.5.1 and 5.0.0 allows remote attackers to read arbitrary files via a full path in the URL parameter to modules/Feeds/Feed.php, which places the contents into a related cache file in the .cache/feeds directory.
Ссылки
- PatchVendor Advisory
- Patch
- Patch
- Patch
- PatchVendor Advisory
- Patch
- Patch
- Patch
Уязвимые конфигурации
Одно из
EPSS
5 Medium
CVSS2
Дефекты
Связанные уязвимости
Absolute path traversal vulnerability in SugarCRM Sugar Community Edition 4.5.1 and 5.0.0 allows remote attackers to read arbitrary files via a full path in the URL parameter to modules/Feeds/Feed.php, which places the contents into a related cache file in the .cache/feeds directory.
Absolute path traversal vulnerability in SugarCRM Sugar Community Edit ...
Absolute path traversal vulnerability in SugarCRM Sugar Community Edition 4.5.1 and 5.0.0 allows remote attackers to read arbitrary files via a full path in the URL parameter to modules/Feeds/Feed.php, which places the contents into a related cache file in the .cache/feeds directory.
EPSS
5 Medium
CVSS2