Description

Directory traversal vulnerability in Contao before 3.2.19, and 3.4.x before 3.4.4 allows remote authenticated "back end" users to view files outside their file mounts or the document root via unspecified vectors.

Remediation

References

CVE-2015-0269

Related Vulnerabilities

Django Improper Validation of Specified Quantity in Input Vulnerability (CVE-2024-41991)

Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1000410)

Oracle JRE CVE-2013-0450 Vulnerability (CVE-2013-0450)

WordPress Plugin Timeline Event History PHP Object Injection (3.1)

WordPress Plugin MetaSlider Cross-Site Scripting (3.17.1)

Severity

Medium

Classification

CVE-2015-0269 CWE-22 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities