CyberSec.Space Logo
Back to CVE Browser

CVE-2019-18924

MEDIUM
5.3
CVSS Severity Score
EPSS Score0.0390%
EPSS Percentile13.33th
PublishedNov 12, 2019
Last ModifiedNov 21, 2024

Vulnerability Description

Systematic IRIS WebForms 5.4 is vulnerable to directory traversal. By manipulating variables that reference files with ../ (and variations), it is possible to list all the directories and check if a particular file exists.

Affected Platforms (CPE)

📦
Systematic

Iris Webforms

= 5.4

References & Advisories

🔗 https://github.com/vulnerabilities-cve/vulnerabilities
🔗 https://github.com/vulnerabilities-cve/vulnerabilities

Related Vulnerabilities

CVE-2019-189259.8

Systematic IRIS WebForms 5.4 and its functionalities can be accessed and used without any form of authentication.

CVE-2019-390510.0

Zoho ManageEngine ADSelfService Plus 5.x before build 5703 has SSRF.

CVE-2019-623510.0

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12...

CVE-2019-1068610.0

An SSRF vulnerability was found in an API from Ctrip Apollo through 1.4.0-SNAPSHOT. An attacker may use it to do an intranet port ...