2 matches found
CVE-2012-1025
CVE-2012-1025 is an absolute path traversal vulnerability in Enigma2 Webinterface, affecting versions 1.6.0–1.6.8, 1.6rc3, and 1.7.0. The issue allows a remote attacker to read arbitrary files by supplying a full pathname in the file parameter. Several sources (NVD, Red Hat entry, OpenVAS tests) ...
Enigma2 'file' Parameter Information Disclosure Vulnerability
Enigma2 is prone to an information-disclosure vulnerability because it fails to sufficiently validate user-supplied data. An attacker can exploit this issue to download local files in the context of the webserver process. This may allow the attacker to obtain sensitive information; other attacks...