2 matches found
CVE-2017-9416
Odoo 8.0/9.0/10.0 are vulnerable to Local File Inclusion via tools.file_open. The root cause is a directory traversal flaw that allows a remote authenticated user to read arbitrary files readable by the Odoo service. The nuclei template confirms the affected versions and impact (read arbitrary se...
CVE-2017-9416
Directory traversal vulnerability in tools.fileopen in Odoo 8.0, 9.0, and 10.0 allows remote authenticated users to read arbitrary local files readable by the Odoo service...