Описание
A vulnerability classified as critical has been found in lakernote EasyAdmin up to 20240315. This affects an unknown part of the file /ureport/designer/saveReportFile. The manipulation of the argument file leads to path traversal: '../filedir'. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257715.
Ссылки
- ExploitIssue Tracking
- Permissions RequiredVDB Entry
- Third Party AdvisoryVDB Entry
- ExploitIssue Tracking
- Permissions RequiredVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
EPSS
6.3 Medium
CVSS3
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
Связанные уязвимости
A vulnerability classified as critical has been found in lakernote EasyAdmin up to 20240315. This affects an unknown part of the file /ureport/designer/saveReportFile. The manipulation of the argument file leads to path traversal: '../filedir'. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257715.
EPSS
6.3 Medium
CVSS3
8.8 High
CVSS3
6.5 Medium
CVSS2