Lucene search
GoogleOSV:GHSA-36HF-6HP2-9G4CHistoryNov 12, 2019 - 10:58 p.m.
Local file inclusion allows unauthorized access to internal resources in Alkacon OpenCms
2019-11-1222:58:14
Google
osv.dev
10
0.008 Low
EPSS
Percentile
82.1%
In Alkacon OpenCms 10.5.4 and 10.5.5, there are multiple resources vulnerable to Local File Inclusion that allow an attacker to access server resources: clearhistory.jsp, convertxml.jsp, group_new.jsp, loginmessage.jsp, xmlcontentrepair.jsp, and /system/workplace/admin/history/settings/index.jsp.
Related
nvd
nvd
CVE-2019-13237
2019-08-27 12:15:12
osv
osv
CVE-2019-13237
2019-08-27 12:15:12
cvelist
cvelist
CVE-2019-13237
2019-08-27 11:11:06
packetstorm
packetstorm
Alkacon OpenCMS 10.5.x Local File Inclusion
2019-09-02 00:00:00
zdt
zdt
Alkacon OpenCMS 10.5.x - Local File inclusion Vulnerability
2019-09-02 00:00:00
veracode
veracode
Local File Inclusion (LFI)
2019-08-28 08:16:37
github
github
prion
prion
Design/Logic Flaw
2019-08-27 12:15:00
exploitpack
exploitpack
Alkacon OpenCMS 10.5.x - Local File inclusion
2019-09-02 00:00:00
cve
cve
CVE-2019-13237
2019-08-27 12:15:12
exploitdb
exploitdb
Alkacon OpenCMS 10.5.x - Local File inclusion
2019-09-02 00:00:00