CVE-2014-5258

NONE EPSS 97.1%
Published Nov 6, 201411y ago · Modified Jun 17, 20262w ago
Find Similar
Published Nov 6, 2014 11y ago
Last Modified Jun 17, 2026 2w ago

Description

Directory traversal vulnerability in showTempFile.php in webEdition CMS before 6.3.9.0 Beta allows remote authenticated users to read arbitrary files via a .. (dot dot) in the file parameter.

Threat Intelligence

EPSS Exploit Probability
97.1% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available

Weaknesses 1

CWE-22 Path Traversal Resource Mgmt

Affected Products 1

VendorProductVersionRange
webeditionwebedition_cms* ≤6.3.8.0

References 5

  • packetstormsecurity.com http://packetstormsecurity.com/files/128301/webEdition-6.3.8.0-Path-Traversal.html
    Exploit
  • securityfocus.com http://www.securityfocus.com/archive/1/533465/100/0/threaded
  • webedition.org http://www.webedition.org/de/aktuelles/webedition-cms/webEdition-6.3.9-Beta-erschienen
    Vendor Advisory
  • webedition.org http://www.webedition.org/de/webedition-cms/versionshistorie/webedition-6/version-6.3.9.0
    Vendor Advisory
  • htbridge.com https://www.htbridge.com/advisory/HTB23227
    Exploit

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.