Description

Directory traversal vulnerability in Contao before 3.2.19, and 3.4.x before 3.4.4 allows remote authenticated "back end" users to view files outside their file mounts or the document root via unspecified vectors.

Remediation

References

CVE-2015-0269

Related Vulnerabilities

WordPress Plugin Form Maker by 10Web-Mobile-Friendly Drag & Drop Contact Form Builder SQL Injection (1.13.35)

Atlassian Jira Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-8481)

Apache HTTP Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2005-2970)

WordPress Plugin Simple Mail Address Encoder Cross-Site Scripting (1.6.1)

PHP Other Vulnerability (CVE-2007-1286)

Severity

Medium

Classification

CVE-2015-0269 CWE-22 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities