Security Advisory

CVE-2015-4462

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2017-07-25 18:00:00

Last updated 2024-08-06 06:18:11

Assigner mitre

State PUBLISHED

Description

Absolute path traversal vulnerability in the file_manager component of eFront CMS before 3.6.15.5 allows remote authenticated users to read arbitrary files via a full pathname in the "Upload file from url" field in the file manager for professor.php.

← Browse all CVEs View on cve.org ↗