Security Advisory

CVE-2019-13396

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-07-10 13:45:05

Last updated 2024-08-04 23:49:25

Assigner mitre

State PUBLISHED

Description

FlightPath 4.x and 5.0-x allows directory traversal and Local File Inclusion through the form_include parameter in an index.php?q=system-handle-form-submit POST request because of an include_once in system_handle_form_submit in modules/system/system.module.

← Browse all CVEs View on cve.org ↗