CVE-2011-4831

Directory traversal vulnerability in webFileBrowser.php in Web File Browser 0.4b14 allows remote authenticated users to read arbitrary files via a ..%2f (encoded dot dot) in the file parameter in a download action.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:david_azoulay:web_file_browser:0.4b14:*:*:*:*:*:*:*

History

No history.

Information

Published : 2011-12-15 03:57

Updated : 2024-02-28 11:41


NVD link : CVE-2011-4831

Mitre link : CVE-2011-4831

CVE.ORG link : CVE-2011-4831


JSON object : View

Products Affected

david_azoulay

  • web_file_browser
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')