2 matches found
CVE-2014-5350
Multiple directory traversal vulnerabilities in Bitdefender GravityZone before 5.1.11.432 allow remote attackers to read arbitrary files via a 1 .. dot dot in the id parameter to webservice/CORE/downloadFullKitEpc/a/1 in the Web Console or 2 %2E%2E encoded dot dot in the default URI to port 7074 ...
CVE-2014-5350
Bitdefender GravityZone vulnerability CVE-2014-5350 affects GravityZone before 5.1.11.432. The flaw allows directory traversal to read arbitrary files via (1) .. in id parameter to webservice/CORE/downloadFullKitEpc/a/1 in the Web Console, and (2) encoded dot-dot in the default URI to port 7074 o...