Design/Logic Flaw

2019-12-1714:15:00

PRIOn knowledge base

www.prio-n.com

7.5 High

AI Score

Confidence

High

0.041 Low

EPSS

Percentile

92.2%

JSON

In Simplifile RecordFusion through 2019-11-25, the logs and hist parameters allow remote attackers to access local files via a logger/logs?/…/ or logger/hist?/…/ URI.

CPENameOperatorVersion
recordfusioneq<= 20191125

CPE	Name	Operator	Version
	recordfusion	eq	<= 20191125

References

www.securenetworkinc.com/news/2019/11/26/recordfusion-local-file-inclusion-vulnerability-cve-2019-19264