Описание
Multiple directory traversal vulnerabilities in Unica Affinium Campaign 7.2.1.0.55 allow remote attackers to (1) create arbitrary directories or files via a .. (dot dot) in the folder name in the new folder functionality or (2) list arbitrary files via a crafted request to Campaign/CampaignListener.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:unica:affinium_campaign:7.2.1.0.55:*:*:*:*:*:*:*
EPSS
Процентиль: 53%
0.00305
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-22
Связанные уязвимости
github
больше 3 лет назад
Multiple directory traversal vulnerabilities in Unica Affinium Campaign 7.2.1.0.55 allow remote attackers to (1) create arbitrary directories or files via a .. (dot dot) in the folder name in the new folder functionality or (2) list arbitrary files via a crafted request to Campaign/CampaignListener.
EPSS
Процентиль: 53%
0.00305
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-22