5 matches found
CVE-2014-2069
Absolute path traversal vulnerability in Eshtery CMS allows remote attackers to read arbitrary files via a full pathname in the file parameter to FileManager.aspx...
Path traversal
Absolute path traversal vulnerability in Eshtery CMS allows remote attackers to read arbitrary files via a full pathname in the file parameter to FileManager.aspx...
CVE-2014-2069
CVE-2014-2069 is an absolute path traversal vulnerability in Eshtery CMS. The flaw exists in FileManager.aspx where an attacker can supply a full pathname via the file parameter to read arbitrary files on the system. This is caused by improper input handling in the CMS file operation. Public refe...
eshtery CMS - FileManager.aspx Local File Disclosure
eshtery CMS - FileManager.aspx Local File Disclosure source: https://www.securityfocus.com/bid/65740/info eshtery CMS is prone to a local file-disclosure vulnerability because it fails to adequately validate user-supplied input. Exploiting this vulnerability would allow an attacker to obtain...
eshtery CMS - 'FileManager.aspx' Local File Disclosure
source: https://www.securityfocus.com/bid/65740/info eshtery CMS is prone to a local file-disclosure vulnerability because it fails to adequately validate user-supplied input. Exploiting this vulnerability would allow an attacker to obtain potentially sensitive information from local files on...