Simplessus 3.7.7 path directory traversal

Une vulnérabilité a été trouvé dans Simplessus 3.7.7 et classée critique. Affecté par cette vulnérabilité est une fonction inconnue. Mettre à jour à la version 3.8.3 élimine cette vulnérabilité.

Domaine24/02/2017 15:4117/08/2020 09:1925/06/2022 18:20
identifier[SYSS-2017-004] Simplessus Files: Path Traversal[SYSS-2017-004] Simplessus Files: Path Traversal[SYSS-2017-004] Simplessus Files: Path Traversal
person_nameDr. Adrian VollmerDr. Adrian VollmerDr. Adrian Vollmer
availability111
date1487203200 (16/02/2017)1487203200 (16/02/2017)1487203200 (16/02/2017)
publicity111
urlhttp://seclists.org/bugtraq/2017/Feb/40http://seclists.org/bugtraq/2017/Feb/40http://seclists.org/bugtraq/2017/Feb/40
developer_nameDr. Adrian VollmerDr. Adrian VollmerDr. Adrian Vollmer
price_0day$0-$5k$0-$5k$0-$5k
nameUpgradeUpgradeUpgrade
upgrade_version3.8.33.8.33.8.3
seealso972529725297252
cvss2_vuldb_ePOCPOCPOC
cvss2_vuldb_rlOFOFOF
cvss2_vuldb_rcURURUR
cvss3_vuldb_ePPP
cvss3_vuldb_rlOOO
cvss3_vuldb_rcRRR
cvss2_vuldb_acMMM
cvss2_vuldb_auSSS
cvss3_vuldb_acLLL
cvss3_vuldb_prLLL
nameSimplessusSimplessusSimplessus
version3.7.73.7.73.7.7
argumentpathpathpath
input_value..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd
risk222
cvss2_vuldb_basescore4.94.94.9
cvss2_vuldb_tempscore3.63.63.6
cvss2_vuldb_avNNN
cvss2_vuldb_ciPPP
cvss2_vuldb_iiPPP
cvss2_vuldb_aiNNN
cvss3_meta_basescore5.45.45.4
cvss3_meta_tempscore4.74.74.7
cvss3_vuldb_basescore5.45.45.4
cvss3_vuldb_tempscore4.74.74.7
cvss3_vuldb_avNNN
cvss3_vuldb_uiNNN
cvss3_vuldb_sUUU
cvss3_vuldb_cLLL
cvss3_vuldb_iLLL
cvss3_vuldb_aNNN
date1487203200 (16/02/2017)1487203200 (16/02/2017)1487203200 (16/02/2017)
locationBugtraqBugtraqBugtraq
typeMailinglist PostMailinglist PostMailinglist Post
urlhttp://seclists.org/bugtraq/2017/Feb/40http://seclists.org/bugtraq/2017/Feb/40http://seclists.org/bugtraq/2017/Feb/40
cwe022 (directory traversal)22 (directory traversal)
cveCVE-2017-20105

Do you need the next level of professionalism?

Upgrade your account now!