Description

Directory traversal vulnerability in Contao before 3.2.19, and 3.4.x before 3.4.4 allows remote authenticated "back end" users to view files outside their file mounts or the document root via unspecified vectors.

Remediation

References

CVE-2015-0269

Related Vulnerabilities

WordPress Plugin Quote-O-Matic SQL Injection (1.0.5)

Grafana Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-43813)

Oracle JRE CVE-2019-2964 Vulnerability (CVE-2019-2964)

WordPress Plugin Post Form-Registration Form-Profile Form for User Profiles and Content Forms for User Submissions SQL Injection (2.2.7)

WordPress Plugin Captcha by BestWebSoft Multiple Cross-Site Scripting Vulnerabilities (4.0.2)

Severity

Medium

Classification

CVE-2015-0269 CWE-22 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities