Directory Traversal Vulnerability in webEdition CMS by webEdition
CVE-2014-5258

Currently unrated

Key Information:

Vendor

Webedition

Status
Webedition Cms
Vendor
CVE Published:
6 November 2014

What is CVE-2014-5258?

A directory traversal vulnerability exists in the showTempFile.php file of webEdition CMS versions prior to 6.3.9.0 Beta. This flaw allows authenticated remote users to exploit the application by manipulating the file parameter, potentially gaining unauthorized access to sensitive files on the server. Exploitation could lead to exposure of confidential information, making it crucial for users to upgrade to the latest version and apply security best practices to safeguard their web applications.

References

https://www.htbridge.com/advisory/HTB23227
x_refsource_MISC
http://www.webedition.org/de/aktuelles/webedition-cms/web...
x_refsource_MISC
http://www.securityfocus.com/archive/1/533465/100/0/threaded
mailing-listx_refsource_BUGTRAQ

EPSS Score

81% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.