Количество 2
Количество 2
CVE-2022-41951
OroPlatform is a PHP Business Application Platform (BAP) designed to make development of custom business applications easier and faster. Path Traversal is possible in `Oro\Bundle\GaufretteBundle\FileManager::getTemporaryFileName`. With this method, an attacker can pass the path to a non-existent file, which will allow writing the content to a new file that will be available during script execution. This vulnerability has been fixed in version 5.0.9.
GHSA-9v3j-4j64-p937
OroPlatform vulnerable to path traversal during temporary file manipulations
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-41951 OroPlatform is a PHP Business Application Platform (BAP) designed to make development of custom business applications easier and faster. Path Traversal is possible in `Oro\Bundle\GaufretteBundle\FileManager::getTemporaryFileName`. With this method, an attacker can pass the path to a non-existent file, which will allow writing the content to a new file that will be available during script execution. This vulnerability has been fixed in version 5.0.9. | CVSS3: 8.5 | 0% Низкий | около 2 лет назад |
| GHSA-9v3j-4j64-p937 OroPlatform vulnerable to path traversal during temporary file manipulations | CVSS3: 8.5 | 0% Низкий | около 2 лет назад |
Уязвимостей на страницу