In Gxlcms QY v1.0.0713, Lib\Lib\Action\Admin\TplAction.class.php allows remote attackers to read any file via a modified pathname in an Admin-Tpl request, as demonstrated by use of '|' instead of '/' as a directory separator, in conjunction with a ".." sequence.
References
| Link | Resource |
|---|---|
| http://www.atksec.com/cve/GxlcmsQY-v1.0.0713-DirectoryTraversal/index.html | Exploit Third Party Advisory |
| http://www.atksec.com/cve/GxlcmsQY-v1.0.0713-DirectoryTraversal/index.html | Exploit Third Party Advisory |
Configurations
History
21 Nov 2024, 04:15
| Type | Values Removed | Values Added |
|---|---|---|
| References | () http://www.atksec.com/cve/GxlcmsQY-v1.0.0713-DirectoryTraversal/index.html - Exploit, Third Party Advisory |
Information
Published : 2018-04-08 02:29
Updated : 2024-11-21 04:15
NVD link : CVE-2018-9851
Mitre link : CVE-2018-9851
CVE.ORG link : CVE-2018-9851
JSON object : View
Products Affected
gxlcms
- gxlcms_qy
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')