An issue was discovered in Skybox Platform before 7.5.201. Directory Traversal exists in /skyboxview/webskybox/attachmentdownload and /skyboxview/webskybox/filedownload via the tempFileName parameter.
References
Link | Resource |
---|---|
https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20151210-0_Skybox_Platform_Multiple_Vulnerabilities_v10.txt | Exploit Third Party Advisory |
https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20151210-0_Skybox_Platform_Multiple_Vulnerabilities_v10.txt | Exploit Third Party Advisory |
Configurations
History
21 Nov 2024, 02:40
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20151210-0_Skybox_Platform_Multiple_Vulnerabilities_v10.txt - Exploit, Third Party Advisory |
Information
Published : 2018-01-12 22:29
Updated : 2024-11-21 02:40
NVD link : CVE-2015-9250
Mitre link : CVE-2015-9250
CVE.ORG link : CVE-2015-9250
JSON object : View
Products Affected
skyboxsecurity
- skybox_platform
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')