Directory Traversal Vulnerability in Montala Limited ResourceSpace
CVE-2015-3648

Currently unrated

Key Information:

Vendor

Montala

Status
Resourcespace
Vendor
CVE Published:
9 June 2015

What is CVE-2015-3648?

A directory traversal vulnerability exists in the pages/setup.php file of Montala Limited's ResourceSpace application, which allows remote attackers to include and execute arbitrary files from the local system. By exploiting this vulnerability, attackers can manipulate the 'defaultlanguage' parameter to traverse directories and access sensitive files, potentially compromising the integrity of the system. Users are advised to update to the latest version to mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://www.htbridge.com/advisory/HTB23258
x_refsource_MISC
http://packetstormsecurity.com/files/132142/ResourceSpace...
x_refsource_MISC
http://www.securityfocus.com/archive/1/535669/100/0/threaded
mailing-listx_refsource_BUGTRAQ

EPSS Score

51% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.