2 matches found
CVE-2014-8871
Hybris Commerce Software Suite v5.x has a Directory Traversal / Arbitrary File Disclosure vulnerability (CVE-2014-8871). The flaw affects releases up to and including: 5.3.0.1, 5.2.0.3, 5.1.1.2, 5.1.0.1, 5.0.4.4, 5.0.3.3, and 5.0.0.3. Root cause: the media retrieval path uses a Base64-encoded con...
Hybris Commerce Software Suite 5.x File Disclosure / Traversal Vulnerabilities
Various Hybris Commerce Software Suite 5.x suffer from a directory traversal vulnerability that allows for arbitrary file disclosure. Directory Traversal and Arbitrary File Disclosure in hybris Commerce Software Suite During a penetration test, RedTeam Pentesting discovered a Directory Traversal...