Lucene search
PRIOn knowledge basePRION:CVE-2019-16915HistorySep 26, 2019 - 6:15 p.m.
Design/Logic Flaw
2019-09-2618:15:00
PRIOn knowledge base
www.prio-n.com
6
An issue was discovered in pfSense through 2.4.4-p3. widgets/widgets/picture.widget.php uses the widgetkey parameter directly without sanitization (e.g., a basename call) for a pathname to file_get_contents or file_put_contents.
Related
nvd
nvd
CVE-2019-16915
2019-09-26 18:15:10
cvelist
cvelist
CVE-2019-16915
2019-09-26 17:38:42
osv
osv
CVE-2019-16915
2019-09-26 18:15:10
cve
cve
CVE-2019-16915
2019-09-26 18:15:10
nessus
nessus
pfSense < 2.4.5 Multiple Vulnerabilities
2021-02-11 00:00:00