| Title | OTCMS was discovered to contain an arbitrary file read vulenrability via the filename |
|---|
| Description | OTCMS was discovered to contain an arbitrary file read vulenrability via the filename
payload:
http://otcms/admin/read.php?mudi=announContent&url=file:///etc/passwdn arbitrary file read vulenrability via the filename
The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. |
|---|
| Source | ⚠️ https://github.com/HuBenLab/HuBenVulList/blob/main/OTCMS%20was%20discovered%20to%20contain%20an%20arbitrary%20file%20read%20vulenrability%20via%20the%20filename.md |
|---|
| User | p0ison (UID 37575) |
|---|
| Submission | 06/06/2023 08:46 (3 years ago) |
|---|
| Moderation | 06/14/2023 08:13 (8 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 231512 [OTCMS up to 6.62 read.php?mudi=announContent url path traversal] |
|---|
| Points | 18 |
|---|