mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-26 21:52:25 +02:00
0xMarcio
883 B
883 B
CVE-2019-10767
Description
An attacker can include file contents from outside the /adapter/xxx/ directory, where xxx is the name of an existent adapter like "admin". It is exploited using the administrative web panel with a request for an adapter file. Note: The attacker has to be logged in if the authentication is enabled (by default isn't enabled).
POC
Reference
No PoCs from references.