PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has directory traversal via a direct request for a listing of an image directory such as an assets/ directory.
References
Link | Resource |
---|---|
https://gkaim.com/cve-2018-20638-vikas-chaudhary/ | Exploit Third Party Advisory |
https://gkaim.com/cve-2018-20638-vikas-chaudhary/ | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 04:01
Type | Values Removed | Values Added |
---|---|---|
References | () https://gkaim.com/cve-2018-20638-vikas-chaudhary/ - Exploit, Third Party Advisory |
Information
Published : 2019-03-21 16:00
Updated : 2024-11-21 04:01
NVD link : CVE-2018-20638
Mitre link : CVE-2018-20638
CVE.ORG link : CVE-2018-20638
JSON object : View
Products Affected
chartered_accountant_\
- _auditor_website_project
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')