Security Advisory

CVE-2020-36364

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-05-19 18:57:20

Last updated 2024-08-04 17:23:10

Assigner mitre

State PUBLISHED

Description

An issue was discovered in Smartstore (aka SmartStoreNET) before 4.1.0. Administration/Controllers/ImportController.cs allows path traversal (for copy and delete actions) in the ImportController.Create method via a TempFileName field.

← Browse all CVEs View on cve.org ↗