Security Advisory

CVE-2011-2195

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-10-26 12:10:00

Last updated 2024-08-06 22:53:17

Assigner redhat

State PUBLISHED

Description

A flaw was found in WebSVN 2.3.2. Without prior authentication, if the allowDownload option is enabled in config.php, an attacker can invoke the dl.php script and pass a well formed path argument to execute arbitrary commands against the underlying operating system.

← Browse all CVEs View on cve.org ↗