VulnCheck KEV: CVE-2018-20470

An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. A directory traversal arbitrary file access vulnerability exists in the web reports module. This allows an outside attacker to view contents of sensitive files...

Sahi pro 7.x/8.x - Directory Traversal Vulnerability

Exploit for multiple platform in category web applications Exploit Title: Sahi pro :/s/dyn/Loghighlight?href=../../../../windows/win.ini&n=1selected 0day.today 2019-06-18...

CVE-2018-20470

An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. A directory traversal arbitrary file access vulnerability exists in the web reports module. This allows an outside attacker to view contents of sensitive files...

CVE-2018-20470

An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. A directory traversal arbitrary file access vulnerability exists in the web reports module. This allows an outside attacker to view contents of sensitive files...

Code injection

An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. A web reports module has "export to excel features" that are vulnerable to CSV injection. An attacker can embed Excel formulas inside an automation script that, when exported after execution, results in code execution...

CVE-2018-20470

Tyto Sahi Pro through 8.0.0 is affected by a Local File Inclusion / directory traversal vulnerability in the web reports module, enabling an attacker to view sensitive server files. Affected: Tyto Sahi Pro versions through 7.x.x and 8.0.0 (per CVE-2018-20470). Root cause: improper handling of fil...

PT-2019-10075 · Tyto · Tyto Sahi Pro

Name of the Vulnerable Software and Affected Versions: Tyto Sahi Pro versions prior to 8.0.1 Description: A directory traversal issue exists in the web reports module, allowing an outside attacker to access sensitive files. Recommendations: For versions prior to 8.0.1, update to version 8.0.1 or...