3 matches found
CVE-2023-38879
creationtimestamp| type| source ---|---|--- 2025-05-27 08:09:41+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2023/CVE-2023-38879.yaml 2025-05-27 21:02:16+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lq6lkkrkoi22...
CVE-2023-38879
The Community Edition version 9.0 of OS4ED's openSIS Classic allows remote attackers to read arbitrary files via a directory traversal vulnerability in the 'filename' parameter of 'DownloadWindow.php'...
CVE-2023-38879
openSIS Classic Community Edition v9.0 is affected by a path traversal in the filename parameter of DownloadWindow.php, enabling unauthenticated remote reading of arbitrary server files. The Nuclei template for CVE-2023-38879 corroborates the vulnerability, naming the endpoint and impact. Root ca...