2 matches found
CVE-2020-14946
CVE-2020-14946 affects Global RADAR BSA Radar versions 1.6.7234.24750 and earlier. The vulnerability resides in the Administrator section of the Surveillance module via the /UC/downloadFile.ashx endpoint, where manipulating FileName and FilePath (in the URL or through a proxy) can disclose local ...
CVE-2020-14946
downloadFile.ashx in the Administrator section of the Surveillance module in Global RADAR BSA Radar 1.6.7234.24750 and earlier allows users to download transaction files. When downloading the files, a user is able to view local files on the web server by manipulating the FileName and FilePath...