2 matches found
CVE-2018-15540
Agentejo Cockpit exposes a Directory Traversal vulnerability (CVE-2018-15540) due to insufficient validation when performing file operations via the /cockpit/media/api interface. The CNVD entry notes a traversal path allowing an attacker to move the filesystem and access arbitrary files in Cockpi...
CVE-2018-15540
Agentejo Cockpit performs actions on files without appropriate validation and therefore allows an attacker to traverse the file system to unintended locations and/or access arbitrary files, aka /media/api Directory Traversal...