Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Hiawatha Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-8358)

Description

In Hiawatha before 10.8.4, a remote attacker is able to do directory traversal if AllowDotFiles is enabled.

Remediation

References

Related Vulnerabilities

WordPress Plugin ThemeREX Addons Remote Code Execution (All)

Apache Tomcat Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2018-8037)

Oracle Database Server CVE-2009-0987 Vulnerability (CVE-2009-0987)

WordPress Plugin Metform Elementor Contact Form Builder-Flexible and Design-Friendly Contact Form builder for WordPress Cross-Site Scripting (3.1.2)

Grafana Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-19039)

Severity

High

Classification

CVE-2019-8358 CWE-22 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities