2 matches found
CVE-2018-14957
CVE-2018-14957 affects CMS ISWEB 3.5.3. The vulnerability is a directory traversal that enables local file download via moduli/downloadFile.php?file=oggetto_documenti/../.././inc/config.php, exposing credentials stored in config.php and enabling an attacker to take control of the application. Pub...
Generic HTTP Directory Traversal / File Inclusion (Web Application URL Parameter) - Active Check
Generic check for HTTP directory traversal / file inclusion vulnerabilities within URL parameters of the remote web application. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...