4 matches found
CVE-2022-44016
An issue was discovered in Simmeth Lieferantenmanager before 5.6. An attacker can download arbitrary files from the web server by abusing an API call: /DS/LMAPI/api/ConfigurationService/GetImages with an '"ImagesPath":"C:\"' value...
CVE-2022-44016
creationtimestamp| type| source ---|---|--- 2022-12-25 07:39:41+00:00| seen| https://t.me/cibsecurity/55291...
CVE-2022-44016
An issue was discovered in Simmeth Lieferantenmanager before 5.6. An attacker can download arbitrary files from the web server by abusing an API call: /DS/LMAPI/api/ConfigurationService/GetImages with an '"ImagesPath":"C:\"' value...
CVE-2022-44016
CVE-2022-44016 affects Simmeth Lieferantenmanager prior to 5.6. An attacker can download arbitrary files from the web server by abusing the API call /DS/LM_API/api/ConfigurationService/GetImages with an "ImagesPath":"C:\"" value. This allows local file disclosure and impacts confidentiality (high...