mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-09 19:17:37 +02:00
0xMarcio
796 B
796 B
CVE-2014-5258
Description
Directory traversal vulnerability in showTempFile.php in webEdition CMS before 6.3.9.0 Beta allows remote authenticated users to read arbitrary files via a .. (dot dot) in the file parameter.
POC
Reference
- http://packetstormsecurity.com/files/128301/webEdition-6.3.8.0-Path-Traversal.html
- http://packetstormsecurity.com/files/128301/webEdition-6.3.8.0-Path-Traversal.html