Lucene search
Veracode Vulnerability DatabaseVERACODE:38968HistoryJan 24, 2023 - 12:55 a.m.
Path Traversal
2023-01-2400:55:16
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
froxlor
path traversal
remote attacker
0.0004 Low
EPSS
Percentile
9.0%
froxlor/froxlor is vulnerable to Path Traversal. A remote attacker is able to use path traversal to leak local files such as /etc/passwd or config, because there is no filename validation for logo_image_login and logo_image_header on import and export functions.
| CPE | Name | Operator | Version |
|---|---|---|---|
| froxlor/froxlor | le | 0.10.38.3 | |
| froxlor/froxlor | le | 0.10.38.3 |
Related
osv
osv
CVE-2023-0316
2023-01-16 01:15:09
Froxlor is vulnerable to path traversal
2023-01-16 03:30:25
nvd
nvd
CVE-2023-0316
2023-01-16 01:15:09
huntr
huntr
Local File Read through Improper Filename Validation
2022-12-29 13:05:24
prion
prion
Path traversal
2023-01-16 01:15:00
cvelist
cvelist
CVE-2023-0316 Path Traversal: '\..\filename' in froxlor/froxlor
2023-01-16 00:00:00
cve
cve
CVE-2023-0316
2023-01-16 01:15:09
github
github
Froxlor is vulnerable to path traversal
2023-01-16 03:30:25