Описание
Directory traversal vulnerability in the HelpCenter module in Help Center Live (HCL) 2.0.6 and 2.1.7 allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the file parameter to module.php. NOTE: some of these details are obtained from third party information.
Ссылки
- Exploit
- Vendor Advisory
- Exploit
- Exploit
- Vendor Advisory
- Exploit
- Vendor Advisory
- Exploit
- Exploit
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:helpcenterlive:hcl:2.0.6:*:*:*:*:*:*:*
cpe:2.3:a:helpcenterlive:hcl:2.1.7:*:*:*:*:*:*:*
EPSS
Процентиль: 87%
0.03535
Низкий
5 Medium
CVSS2
Дефекты
CWE-22
Связанные уязвимости
github
больше 3 лет назад
Directory traversal vulnerability in the HelpCenter module in Help Center Live (HCL) 2.0.6 and 2.1.7 allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the file parameter to module.php. NOTE: some of these details are obtained from third party information.
EPSS
Процентиль: 87%
0.03535
Низкий
5 Medium
CVSS2
Дефекты
CWE-22