Lucene search
MitreCVELIST:CVE-2019-19731HistoryDec 16, 2019 - 4:26 p.m.
CVE-2019-19731
2019-12-1616:26:04
mitre
www.cve.org
0.041 Low
EPSS
Percentile
92.2%
Roxy Fileman 1.4.5 for .NET is vulnerable to path traversal. A remote attacker can write uploaded files to arbitrary locations via the RENAMEFILE action. This can be leveraged for code execution by uploading a specially crafted Windows shortcut file and writing the file to the Startup folder (because an incomplete blacklist of file extensions allows Windows shortcut files to be uploaded).
Related
zdt
zdt
Roxy Fileman 1.4.5 For .NET Directory Traversal Vulnerability
2019-12-14 00:00:00
packetstorm
packetstorm
Roxy Fileman 1.4.5 For .NET Directory Traversal
2019-12-13 00:00:00
exploitpack
exploitpack
Roxy Fileman 1.4.5 - Directory Traversal
2019-12-16 00:00:00
prion
prion
Path traversal
2019-12-16 17:15:00
cve
cve
CVE-2019-19731
2019-12-16 17:15:12
nvd
nvd
CVE-2019-19731
2019-12-16 17:15:12
exploitdb
exploitdb
Roxy Fileman 1.4.5 - Directory Traversal
2019-12-16 00:00:00