Lucene search
GoogleOSV:CVE-2021-21064HistoryFeb 25, 2021 - 2:15 p.m.
CVE-2021-21064
2021-02-2514:15:12
Google
osv.dev
5
Magento UPWARD-php version 1.1.4 (and earlier) is affected by a Path traversal vulnerability in Magento UPWARD Connector version 1.1.2 (and earlier) due to the upload feature. An attacker could potentially exploit this vulnerability to upload a malicious YAML file that can contain instructions which allows reading arbitrary files from the remote server. Access to the admin console is required for successful exploitation.
| CPE | Name | Operator | Version |
|---|---|---|---|
| upward-php | eq | 1.1.1 | |
| upward-php | eq | 1.1.0 | |
| upward-php | eq | 1.1.4 | |
| upward-php | eq | 1.1.3 | |
| upward-php | eq | 1.1.2 | |
| upward-php | eq | 1.0.0 |
Related
nvd
nvd
CVE-2021-21064
2021-02-25 14:15:12
veracode
veracode
Directory Traversal
2021-02-26 01:58:38
prion
prion
Path traversal
2021-02-25 14:15:00
cvelist
cvelist
cve
cve
CVE-2021-21064
2021-02-25 14:15:12