Description
Directory Traversal vulnerability in YetiForceCompany YetiForceCRM versions 6.4.0 and before allows a remote authenticated attacker to obtain sensitive information via the license parameter in the LibraryLicense.php component.
Remediation
References
Related Vulnerabilities
WordPress Plugin Count per Day Cross-Site Request Forgery (3.2.5)
WordPress Plugin Animate It! Cross-Site Request Forgery (2.3.5)
Envoy Proxy CVE-2025-30157 Vulnerability (CVE-2025-30157)
MySQL Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2008-4098)
WordPress Plugin MiniMax-Page Layout Builder Arbitrary File Upload (1.7.1)