Lucene search
K

4 matches found

Veracode
Veracode
added 2022/10/12 1:1 a.m.14 views

Information Disclosure

melisplatform/melis-asset-manager is vulnerable to information disclosure. The vulnerability is due to the displayFile function not properly checking whether the requested file is outside the restricted directory, allowing an attacker to read arbitrary files...

8.6CVSS7AI score0.01471EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/10/11 8:46 p.m.20 views

GHSA-7FJ2-RRQ6-RPHQ melisplatform/melis-asset-manager vulnerable to Path Traversal

Impact Attackers can read arbitrary files on affected versions of melisplatform/melis-asset-manager, leading to the disclosure of sensitive information. Conducting this attack does not require authentication. Users should immediately upgrade to melisplatform/melis-asset-manager = 5.0.1. Patches...

7.5CVSS7.8AI score0.01471EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2022/10/11 8:46 p.m.26 views

melisplatform/melis-asset-manager vulnerable to Path Traversal

Impact Attackers can read arbitrary files on affected versions of melisplatform/melis-asset-manager, leading to the disclosure of sensitive information. Conducting this attack does not require authentication. Users should immediately upgrade to melisplatform/melis-asset-manager = 5.0.1. Patches...

8.6CVSS7.2AI score0.01471EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2022/10/11 12:0 a.m.2 views

Melis Platform 路径遍历漏洞

Melis Platform is an open source cross-framework digital platform from Melis Platform Open Source. A path traversal vulnerability exists in Melis Platform MelisAssetManager. An attacker exploiting this vulnerability could read arbitrary files, which could lead to the disclosure of sensitive...

8.6CVSS7.7AI score0.01471EPSS
Exploits0References3
Rows per page
Query Builder