7 matches found
EUVD-2018-3288
Malware in sbrugna...
Directory Traversal
FileDownloader is vulnerable to directory traversal. Failing to check filename in util/FileDownloadUtils.java allows the attacker to trigger the attack by sending a file attachment's name with ../...
Directory traversal
util/FileDownloadUtils.java in FileDownloader 1.7.3 does not check an attachment's name. If an attacker places "../" in the file name, the file can be stored in an unintended directory because of Directory Traversal...
CVE-2018-11248
util/FileDownloadUtils.java in FileDownloader 1.7.3 does not check an attachment's name. If an attacker places "../" in the file name, the file can be stored in an unintended directory because of Directory Traversal...
CVE-2018-11248
util/FileDownloadUtils.java in FileDownloader 1.7.3 does not check an attachment's name. If an attacker places "../" in the file name, the file can be stored in an unintended directory because of Directory Traversal...
CVE-2018-11248
util/FileDownloadUtils.java in FileDownloader 1.7.3 does not check an attachment's name. If an attacker places "../" in the file name, the file can be stored in an unintended directory because of Directory Traversal...
CVE-2018-11248
The CVE CVE-2018-11248 affects FileDownloader 1.7.3, where util/FileDownloadUtils.java does not properly validate the attachment name. An attacker can supply a filename containing ../, enabling directory traversal and potential storage outside the intended directory. This vulnerability is describ...