Directory Traversal Vulnerabilities in iScripts AutoHoster by iScripts
CVE-2013-7190

Currently unrated

Key Information:

Vendor

Iscripts

Status
Autohoster
Vendor
CVE Published:
20 December 2013

What is CVE-2013-7190?

Multiple directory traversal vulnerabilities exist in iScripts AutoHoster that allow remote attackers to access arbitrary files. These vulnerabilities can be exploited through various parameters such as 'tmpid' in 'websitebuilder/showtemplateimage.php', 'fname' in 'admin/downloadfile.php', and 'id' in 'support/admin/csvdownload.php'. Additionally, there are unspecified impacts through other vectors in 'support/parser/main_smtp.php'. Proper validation and sanitization of input parameters are crucial to mitigate these vulnerabilities.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/89818
vdb-entryx_refsource_XF
http://seclists.org/fulldisclosure/2013/Dec/121
mailing-listx_refsource_FULLDISC

EPSS Score

11% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.