Security Advisory

CVE-2014-10010

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2015-01-13 11:00:00

Last updated 2024-08-06 14:02:38

Assigner mitre

State PUBLISHED

Description

Directory traversal vulnerability in PHPJabbers Appointment Scheduler 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the id parameter in a pjActionDownload action to the pjBackup controller.

← Browse all CVEs View on cve.org ↗