Lucene search
GoogleOSV:CVE-2020-5295HistoryJun 03, 2020 - 10:15 p.m.
CVE-2020-5295
2020-06-0322:15:11
Google
osv.dev
2
In OctoberCMS (october/october composer package) versions from 1.0.319 and before 1.0.466, an attacker can exploit this vulnerability to read local files of an October CMS server. The vulnerability is only exploitable by an authenticated backend user with the cms.manage_assets permission. Issue has been patched in Build 466 (v1.0.466).
Related
osv
osv
Local File read vulnerability in OctoberCMS
2020-06-03 21:58:16
cvelist
cvelist
CVE-2020-5295 Local File read vulnerability in OctoberCMS
2020-06-03 21:50:12
cve
cve
CVE-2020-5295
2020-06-03 22:15:11
github
github
Local File read vulnerability in OctoberCMS
2020-06-03 21:58:16
veracode
veracode
Unauthorized Local File Read
2020-06-04 08:29:45
prion
prion
Code injection
2020-06-03 22:15:00
nvd
nvd
CVE-2020-5295
2020-06-03 22:15:11
exploitdb
exploitdb
October CMS Build 465 - Arbitrary File Read Exploit (Authenticated)
2020-11-13 00:00:00
packetstorm
packetstorm
October CMS Build 465 XSS / File Read / File Deletion / CSV Injection
2020-08-03 00:00:00
zdt
zdt