Security Advisory

CVE-2018-17934

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-11-27 21:00:00

Last updated 2024-08-05 11:01:14

Assigner icscert

State PUBLISHED

Description

NUUO CMS All versions 3.3 and prior the application allows external input to construct a pathname that is able to be resolved outside the intended directory. This could allow an attacker to impersonate a legitimate user, obtain restricted information, or execute arbitrary code.

← Browse all CVEs View on cve.org ↗