4 matches found
CVE-2013-2474
Directory traversal vulnerability in AWS XMS 2.5 allows remote attackers to view arbitrary files via the 'what' parameter...
CVE-2013-2474
Directory traversal vulnerability in AWS XMS 2.5 allows remote attackers to view arbitrary files via the 'what' parameter...
CVE-2013-2474
AWS XMS 2.5 is affected by CVE-2013-2474, a directory traversal vulnerability in importer.php?what that allows remote attackers to read arbitrary files. The root cause is insufficient filtration of the what parameter before it is used in PHP file() (and related code paths), enabling access to sen...
AWS XMS 2.5 (importer.php, what param) - Directory Traversal Vulnerability
No description provided by source...