5 matches found
CVE-2022-27248
creationtimestamp| type| source ---|---|--- 2022-04-04 02:27:04+00:00| seen| https://t.me/cibsecurity/40076...
CVE-2022-27248
A directory traversal vulnerability in IdeaRE RefTree before 2021.09.17 allows remote authenticated users to download arbitrary .dwg files from a remote server by specifying an absolute or relative path when invoking the affected DownloadDwg endpoint. An attack uses the path field to...
CVE-2022-27248
Affected software: IdeaRE RefTree (web application) prior to 2021.09.17. Vulnerability: Directory traversal in the DownloadDwg endpoint that parses a path field (absolute or relative) to download files. Root cause / impact: Authenticated users can download arbitrary .dwg files from the server by ...
IdeaRE RefTree Path Traversal Vulnerability
=============================================================================== title: IdeaRE RefTree Download Path Traversal product: IdeaRE RefTree =============================================================================== EXECUTIVE SUMMARY RefTree is a web application made for managing...
IdeaRE RefTree Path Traversal
=============================================================================== title: IdeaRE RefTree Download Path Traversal product: IdeaRE RefTree =============================================================================== EXECUTIVE SUMMARY RefTree is a web application made for managing...