CVE-2015-8309

Publication date

2017-03-27 15:00:00

Family

mitre

State

PUBLISHED

Description

Directory traversal vulnerability in Cherry Music before 0.36.0 allows remote authenticated users to read arbitrary files via the "value" parameter to "download."