CyberSec.Space Logo
Back to CVE Browser

CVE-2013-4510

HIGH
7.8
CVSS Severity Score
EPSS Score0.1920%
EPSS Percentile24.99th
PublishedNov 18, 2013
Last ModifiedApr 29, 2026

Vulnerability Description

Directory traversal vulnerability in the client in Tryton 3.0.0, as distributed before 20131104 and earlier, allows remote servers to write arbitrary files via path separators in the extension of a report.

Affected Platforms (CPE)

πŸ“¦
Tryton

Tryton

= 3.0.0

References & Advisories

πŸ”— http://hg.tryton.org/tryton/rev/357d0a4d9cb8
πŸ”— http://www.debian.org/security/2013/dsa-2791
πŸ”— http://www.openwall.com/lists/oss-security/2013/11/04/21
πŸ”— http://www.tryton.org/posts/security-release-for-issue3446.html
πŸ”— https://bugs.tryton.org/issue3446
πŸ”— http://hg.tryton.org/tryton/rev/357d0a4d9cb8
πŸ”— http://www.debian.org/security/2013/dsa-2791
πŸ”— http://www.openwall.com/lists/oss-security/2013/11/04/21

Related Vulnerabilities

CVE-2014-66338.8

The safe_eval function in trytond in Tryton before 2.4.15, 2.6.x before 2.6.14, 2.8.x before 2.8.11, 3.0.x before 3.0.7, and 3.2.x...

CVE-2019-108686.5

In trytond/model/modelstorage.py in Tryton 4.2 before 4.2.21, 4.4 before 4.4.19, 4.6 before 4.6.14, 4.8 before 4.8.10, and 5.0 bef...

CVE-2020-370146.4

Tryton 5.4 contains a persistent cross-site scripting vulnerability in the user profile name input that allows remote attackers to...

CVE-2018-194435.9

The client in Tryton 5.x before 5.0.1 tries to make a connection to the bus in cleartext instead of encrypted under certain circum...