Lucene search
D3addogH1:1096043HistoryFeb 05, 2021 - 10:14 a.m.
ExpressionEngine: Non-authenticated path traversal leading to arbitrary file read
2021-02-0510:14:35
d3addog
hackerone.com
2
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
9.2%
Insufficient user input filtering leads to arbitrary file read by non-authenticated attacker, which results in sensitive information disclosure.
Related
vulnrichment
vulnrichment
CVE-2021-44534
2024-05-31 17:40:31
nvd
nvd
CVE-2021-44534
2024-05-31 18:15:09
ubuntucve
ubuntucve
CVE-2021-44534
2024-05-31 00:00:00
cvelist
cvelist
CVE-2021-44534
2024-05-31 17:40:31
cve
cve
CVE-2021-44534
2024-05-31 18:15:09
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
9.2%
Related for H1:1096043