3 matches found
CVE-2017-15956
ConverTo Video Downloader & Converter 1.4.1 allows Arbitrary File Download via the token parameter to download.php...
CVE-2017-15956
ConverTo Video Downloader & Converter v1.4.1 is vulnerable to an Arbitrary File Download via the token parameter to download.php. CNVD-2017-36121 and CVE-2017-15956 describe that the vulnerability allows downloading arbitrary files by supplying a crafted token, exposing sensitive data. The root c...
CVE-2017-15956
ConverTo Video Downloader & Converter 1.4.1 allows Arbitrary File Download via the token parameter to download.php...