2 matches found
CVE-2021-41950
ResourceSpace 9.6 is affected by a directory traversal vulnerability (CVE-2021-41950) that allows remote unauthenticated attackers to delete arbitrary files on the server via the provider and variant parameters in pages/ajax/tiles.php, potentially taking the application offline. Affected versions...
CVE-2021-41950
A directory traversal issue in ResourceSpace 9.6 before 9.6 rev 18277 allows remote unauthenticated attackers to delete arbitrary files on the ResourceSpace server via the provider and variant parameters in pages/ajax/tiles.php. Attackers can delete configuration or source code files, causing the...