6 matches found
CVE-2018-14928
/contingency/servlet/ServletFileDownload executes as root and provides unauthenticated access to files via the file parameter...
CVE-2018-14927
Matera Banco 1.0.0 is vulnerable to path traversal allowing access to system files outside the default application folder via the /contingency/servlet/ServletFileDownload file parameter, related to /contingency/web/receiptQuery/receiptDisplay.jsp...
CVE-2018-14928
/contingency/servlet/ServletFileDownload executes as root and provides unauthenticated access to files via the file parameter...
Path traversal
Matera Banco 1.0.0 is vulnerable to path traversal allowing access to system files outside the default application folder via the /contingency/servlet/ServletFileDownload file parameter, related to /contingency/web/receiptQuery/receiptDisplay.jsp...
CVE-2018-14928
CVE-2018-14928 describes a vulnerability where /contingency/servlet/ServletFileDownload executes with root privileges and exposes unauthenticated access to files via the file parameter. This enables file disclosure without authentication. The NVD entry assigns a CVSSv3 base score of 7.5 (HIGH) wi...
CVE-2018-14927
Matera Banco 1.0.0 is vulnerable to path traversal allowing access to system files outside the default application folder via the /contingency/servlet/ServletFileDownload file parameter, related to /contingency/web/receiptQuery/receiptDisplay.jsp...