Description

A security vulnerability exists in SearchBlox that allows an attacker to read arbitrary local files from the affected server.

Remediation

Upgrade to the latest version of SearchBlox

References

CVE-2020-35580

Related Vulnerabilities

WordPress Plugin Chat Room Directory Traversal (0.1.2)

Opencart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2018-11495)

WordPress Plugin Abstract Submission Local File Inclusion (0.6)

WordPress Plugin WP Publication Archive 'file' Parameter Directory Traversal (2.3)

Zabbix 1.8.x-2.2.x Local File Inclusion via XXE Attack

Severity

High

Classification

CVE-2020-35580 CWE-22 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

File Inclusion