7 matches found
WSO2 Carbon directory traversal vulnerability
Directory traversal vulnerability in the LogViewer Admin Service in WSO2 Carbon 4.4.5 allows remote authenticated administrators to read arbitrary files via a .. dot dot in the logFile parameter to downloadgz-ajaxprocessor.jsp...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal via the logFile parameter in the LogViewer Admin Service. An attacker can read arbitrary files by manipulating the input to include directory traversal sequences such as .. dot dot. This is only exploitable if the...
GHSA-MJWW-VQQW-V78Q WSO2 Carbon directory traversal vulnerability
Directory traversal vulnerability in the LogViewer Admin Service in WSO2 Carbon 4.4.5 allows remote authenticated administrators to read arbitrary files via a .. dot dot in the logFile parameter to downloadgz-ajaxprocessor.jsp...
CVE-2016-4314
Directory traversal vulnerability in the LogViewer Admin Service in WSO2 Carbon 4.4.5 allows remote authenticated administrators to read arbitrary files via a .. dot dot in the logFile parameter to downloadgz-ajaxprocessor.jsp...
Directory traversal
Directory traversal vulnerability in the LogViewer Admin Service in WSO2 Carbon 4.4.5 allows remote authenticated administrators to read arbitrary files via a .. dot dot in the logFile parameter to downloadgz-ajaxprocessor.jsp...
CVE-2016-4314
Directory traversal vulnerability in the LogViewer Admin Service in WSO2 Carbon 4.4.5 allows remote authenticated administrators to read arbitrary files via a .. dot dot in the logFile parameter to downloadgz-ajaxprocessor.jsp...
CVE-2016-4314
CVE-2016-4314 affects WSO2 Carbon 4.4.5. It is a Local File Inclusion vulnerability in the LogViewer Admin Service: an authenticated administrator can read arbitrary files by injecting .. into the logFile parameter of downloadgz-ajaxprocessor.jsp. Multiple references document the issue and an exp...