Path Traversal Flaw in EasyPHP Web Server by EasyPHP
CVE-2024-11215

Currently unrated

Key Information:

Vendor: EasyPHP
Status: EasyPHP Web Server
Vendor: CVE Published:; 14 November 2024

What is CVE-2024-11215?

A path traversal vulnerability has been identified in EasyPHP web server, specifically affecting version 14.1. This flaw allows remote users to circumvent SecurityManager restrictions by manipulating directory paths. By using specific input patterns, attackers can access files outside of restricted directories, potentially exposing sensitive data stored on the server.

References

https://www.incibe.es/en/incibe-cert/notices/aviso/path-t...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 14, 2024

JSON