GHSA-X8XM-WRJQ-5G54 Stakater Forecastle has a directory traversal vulnerability

Stakater Forecastle 1.0.139 and before allows %5C../ directory traversal in the website component...

CVE-2023-40297

CVE-2023-40297 affects Stakater Forecastle 1.0.139 and earlier. The vulnerability is a directory traversal flaw in the website component, enabled by insufficient validation of URL paths (e.g., “\../” sequences), allowing an attacker to access sensitive files. The CVSSv3.1 vector (AV:N/AC:L/PR:N/U...

Stakater Forecastle 安全漏洞

Stakater Forecastle is a control panel from Stakater that dynamically discovers and provides a launchpad to access applications deployed on Kubernetes. A security vulnerability exists in Stakater Forecastle versions 1.0.139 and earlier, which stems from allowing directory traversal in a website...

PT-2023-27365 · Stakater · Stakater Forecastle

Name of the Vulnerable Software and Affected Versions: Stakater Forecastle versions 1.0.139 and before Description: The issue is related to a directory traversal vulnerability in the website component, allowing %5C../ directory traversal. This vulnerability is present in the Stakater Forecastle...

CVE-2017-10173

Vulnerability in the Oracle Retail Open Commerce Platform component of Oracle Retail Applications subcomponent: Website. Supported versions that are affected are 5.0, 5.1, 5.2, 5.3, 6.0, 6.1, 15.0 and 15.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via...