2 matches found
CVE-2022-46309
CVE-2022-46309 stems from a path traversal vulnerability in the Vitals ESP upload function of Galaxy Software Services’ Vitals ESP (a Knowledge Management System). The vulnerability can be exploited by a remote attacker with general user privileges to read arbitrary system files, as described in ...
CVE-2022-46309 Galaxy Software Services Corporation. Vitals ESP - Arbitrary Path File Reading
Vitals ESP upload function has a path traversal vulnerability. A remote attacker with general user privilege can exploit this vulnerability to access arbitrary system files...