4 matches found
EUVD-2018-20094
Malware in sbrugna...
CVE-2018-20094
An issue was discovered in XXL-CONF 1.6.0. There is a path traversal vulnerability via ../ in the keys parameter that can download any configuration file, related to ConfController.java and PropUtil.java...
CVE-2018-20094
An issue was discovered in XXL-CONF 1.6.0. There is a path traversal vulnerability via ../ in the keys parameter that can download any configuration file, related to ConfController.java and PropUtil.java...
CVE-2018-20094
CVE-2018-20094 affects XXL-CONF 1.6.0 via a path-traversal flaw in the keys parameter that can download arbitrary configuration files. The root cause is described as insufficient validation in ConfController.java and PropUtil.java, enabling an attacker to access sensitive configuration data. The ...