Описание
An arbitrary file download vulnerability in Oliver v5 Library Server Versions < 5.00.008.053 via the FileServlet function allows for arbitrary file download by an attacker using unsanitized user supplied input.
Ссылки
- ExploitThird Party AdvisoryVDB Entry
- ProductVendor Advisory
- ExploitThird Party AdvisoryVDB Entry
- ProductVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 8.00.008.053 (исключая)
cpe:2.3:a:softlinkint:oliver_v5_library:*:*:*:*:*:*:*:*
EPSS
Процентиль: 94%
0.14201
Средний
7.5 High
CVSS3
Дефекты
CWE-494
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
An arbitrary file download vulnerability in Oliver v5 Library Server Versions < 5.00.008.053 via the FileServlet function allows for arbitrary file download by an attacker using unsanitized user supplied input.
EPSS
Процентиль: 94%
0.14201
Средний
7.5 High
CVSS3
Дефекты
CWE-494