6 matches found
Path traversal
Matera Banco 1.0.0 is vulnerable to path traversal allowing access to system files outside the default application folder via the /contingency/servlet/ServletFileDownload file parameter, related to /contingency/web/receiptQuery/receiptDisplay.jsp...
CVE-2018-14927
Matera Banco 1.0.0 is vulnerable to path traversal allowing access to system files outside the default application folder via the /contingency/servlet/ServletFileDownload file parameter, related to /contingency/web/receiptQuery/receiptDisplay.jsp...
CVE-2018-14928
/contingency/servlet/ServletFileDownload executes as root and provides unauthenticated access to files via the file parameter...
CVE-2018-14928
/contingency/servlet/ServletFileDownload executes as root and provides unauthenticated access to files via the file parameter...
CVE-2018-14927
Matera Banco 1.0.0 is vulnerable to path traversal allowing access to system files outside the default application folder via the /contingency/servlet/ServletFileDownload file parameter, related to /contingency/web/receiptQuery/receiptDisplay.jsp...
CVE-2018-14928
CVE-2018-14928 describes a vulnerability where /contingency/servlet/ServletFileDownload executes with root privileges and exposes unauthenticated access to files via the file parameter. This enables file disclosure without authentication. The NVD entry assigns a CVSSv3 base score of 7.5 (HIGH) wi...