Lucene search
HistoryAug 18, 2015 - 5:59 p.m.
CVE-2015-4670
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
6.8 Medium
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
73.5%
Directory traversal vulnerability in the AjaxFileUpload control in DevExpress AJAX Control Toolkit (aka AjaxControlToolkit) before 15.1 allows remote attackers to write to arbitrary files via a … (dot dot) in the fileId parameter to AjaxFileUploadHandler.axd.
Affected configurations
Node
devexpressajax_control_toolkitRange≤15.0
Related
veracode
veracode
Directory Traversal
2018-07-09 02:38:11
cvelist
cvelist
CVE-2015-4670
2015-08-18 17:00:00
cve
cve
CVE-2015-4670
2015-08-18 17:59:10
securityvulns
securityvulns
CVE-2015-4670 - AjaxControlToolkit File Upload Directory Traversal
2015-07-14 00:00:00
prion
prion
Directory traversal
2015-08-18 17:59:00
thn
thn
Warning: Citrix ShareFile Flaw Could Let Attackers Steal Corporate Secrets
2020-05-05 14:00:00
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
6.8 Medium
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
73.5%
Related for NVD:CVE-2015-4670