4 matches found
CVE-2022-28451
nopCommerce 4.50.1 is vulnerable to Directory Traversal via the backup file in the Maintenance feature...
nopCommerce BackupAction Directory Traversal (CVE-2022-28451)
A Directory Traversal vulnerability exists in nopCommerce. Successful exploitation of this vulnerability could allow a remote attacker to disclose or access arbitrary files on the vulnerable server...
CVE-2022-28451
nopCommerce 4.50.1 is vulnerable to Directory Traversal via the backup file in the Maintenance feature...
CVE-2022-28451
CVE-2022-28451 affects nopCommerce 4.50.1 via a Directory Traversal vulnerability in the Maintenance feature’s backup file handling. The root cause is improper validation of backup file paths in the BackupAction flow of the CommonController.cs/file, allowing access to arbitrary files outside the ...