3 matches found
CVE-2019-9610
An issue was discovered in OFCMS before 1.1.3. It has admin/cms/template/getTemplates.html?respath=resdir=../ directory traversal, related to the getTemplates function in TemplateController.java...
CVE-2019-9610
An issue was discovered in OFCMS before 1.1.3. It has admin/cms/template/getTemplates.html?respath=res&updir=../ directory traversal, related to the getTemplates function in TemplateController.java...
CVE-2019-9610
OFCMS prior to 1.1.3 is affected by a directory traversal in getTemplates.html exposed through admin/cms/template/getTemplates.html?res_path=res&up_dir=../, related to TemplateController.java. The vulnerability allows traversal of directories via the up_dir parameter, as described across CVE/comm...