CVE-2014-5370

2015-04-21T11:59:01
ID CVE-2014-5370
Type cve
Reporter NVD
Modified 2016-08-18T10:59:06

Description

Directory traversal vulnerability in the CFChart servlet (com.naryx.tagfusion.cfm.cfchartServlet) in New Atlanta BlueDragon before 7.1.1.18527 allows remote attackers to read or possibly delete arbitrary files via a .. (dot dot) in the QUERY_STRING to cfchart.cfchart.