CyberSec.Space Logo
返回 CVE 浏览器

CVE-2013-4510

HIGH
7.8
CVSS Severity Score
EPSS Score0.1920%
EPSS Percentile24.99th
Published2013年11月18日
Last Modified2026年4月29日

Vulnerability Description

Directory traversal vulnerability in the client in Tryton 3.0.0, as distributed before 20131104 and earlier, allows remote servers to write arbitrary files via path separators in the extension of a report.

Affected Platforms (CPE)

📦
Tryton

Tryton

= 3.0.0

References & Advisories

🔗 http://hg.tryton.org/tryton/rev/357d0a4d9cb8
🔗 http://www.debian.org/security/2013/dsa-2791
🔗 http://www.openwall.com/lists/oss-security/2013/11/04/21
🔗 http://www.tryton.org/posts/security-release-for-issue3446.html
🔗 https://bugs.tryton.org/issue3446
🔗 http://hg.tryton.org/tryton/rev/357d0a4d9cb8
🔗 http://www.debian.org/security/2013/dsa-2791
🔗 http://www.openwall.com/lists/oss-security/2013/11/04/21

相关漏洞威胁

CVE-2014-66338.8

The safe_eval function in trytond in Tryton before 2.4.15, 2.6.x before 2.6.14, 2.8.x before 2.8.11, 3.0.x before 3.0.7, and 3.2.x...

CVE-2019-108686.5

In trytond/model/modelstorage.py in Tryton 4.2 before 4.2.21, 4.4 before 4.4.19, 4.6 before 4.6.14, 4.8 before 4.8.10, and 5.0 bef...

CVE-2020-370146.4

Tryton 5.4 contains a persistent cross-site scripting vulnerability in the user profile name input that allows remote attackers to...

CVE-2018-194435.9

The client in Tryton 5.x before 5.0.1 tries to make a connection to the bus in cleartext instead of encrypted under certain circum...