86 matches found
CVE-2014-2575
Directory traversal vulnerability in the File Manager component in DevExpress ASPxFileManager Control for ASP.NET WebForms and MVC before 13.1.10 and 13.2.x before 13.2.9 allows remote authenticated users to read or write arbitrary files via a .. dot dot in the EVENTARGUMENT parameter...
Directory traversal
Directory traversal vulnerability in the File Manager component in DevExpress ASPxFileManager Control for ASP.NET WebForms and MVC before 13.1.10 and 13.2.x before 13.2.9 allows remote authenticated users to read or write arbitrary files via a .. dot dot in the EVENTARGUMENT parameter...
CVE-2014-2575
The CVE-2014-2575 entry concerns DevExpress ASPxFileManager for WebForms and MVC. A directory traversal vulnerability allows remote authenticated users to read or write arbitrary files by supplying a relative path in __EVENTARGUMENT, affecting DevExpress ASPxFileManager versions up to 13.2.8 (and...
CVE-2014-2575
Directory traversal vulnerability in the File Manager component in DevExpress ASPxFileManager Control for ASP.NET WebForms and MVC before 13.1.10 and 13.2.x before 13.2.9 allows remote authenticated users to read or write arbitrary files via a .. dot dot in the EVENTARGUMENT parameter...
DevExpress ASP.NET File Manager 13.2.8 Directory Traversal
DevExpress ASP.NET File Manager versions 10.2 through 13.2.8 suffer from a directory traversal vulnerability. Directory Traversal in DevExpress ASP.NET File Manager During a penetration test RedTeam Pentesting discovered a directory traversal vulnerability in DevExpress' ASP.NET File Manager and...
DevExpress ASP.NET File Manager 13.2.8 Directory Traversal
Advisory: Directory Traversal in DevExpress ASP.NET File Manager During a penetration test RedTeam Pentesting discovered a directory traversal vulnerability in DevExpress' ASP.NET File Manager and File Upload. Attackers are able to read arbitrary files by specifying a relative path. Details =====...