mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-08 01:56:40 +02:00
0xMarcio
742 B
742 B
CVE-2018-16836
Description
Rubedo through 3.4.0 contains a Directory Traversal vulnerability in the theme component, allowing unauthenticated attackers to read and execute arbitrary files outside of the service root path, as demonstrated by a /theme/default/img/%2e%2e/..//etc/passwd URI.