CVE-2018-19748

HIGH Year: 2018
CVSS v3 Score
7.5
High
CVSS v2 Score
5.0
Medium
Weakness Type
CWE-22
View all →

Vulnerability Description

app/plug/attachment/controller/admincontroller.php in SDCMS 1.6 allows reading arbitrary files via a /?m=plug&c=admin&a=index&p=attachment&root= directory traversal. The value of the root parameter must be base64 encoded (note that base64 encoding, instead of URL encoding, is very rare in a directory traversal attack vector).

Related Vulnerabilities

CVE-2007-3967

HIGH
CVSS:7.5(High)

Directory traversal vulnerability in index.php in PHP Directory Lister (dirLIST) before 0.1.1 allows remote attackers to list the contents of a parent directory via a .. (dot dot) in the folder parame...

CWE-222007

CVE-2008-3939

HIGH
CVSS:7.5(High)

Directory traversal vulnerability in the web interface in AVTECH PageR Enterprise before 5.0.7 allows remote attackers to read arbitrary files via directory traversal sequences in the URI.

CWE-222008

CVE-2010-0013

HIGH
CVSS:7.5(High)

Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. (dot dot) in an application/...

CWE-222010

CVE-2010-10011

HIGH
CVSS:7.5(High)

A vulnerability, which was classified as problematic, was found in Acritum Femitter Server 1.04. Affected is an unknown function. The manipulation leads to path traversal. It is possible to launch the...

CWE-222010

CVE-2010-5334

HIGH
CVSS:7.5(High)

IceWarp Webclient before 10.2.1 has a directory traversal vulnerability. This can result in loss of confidential data of IceWarp Mailserver and the operating system. Input passed via a certain paramet...

CWE-222010