CVE-2019-18924

MEDIUM

5.3

CVSS Severity Score

EPSS Score0.0390%

EPSS Percentile13.33th

Published2019年11月12日

Last Modified2024年11月21日

Vulnerability Description

Systematic IRIS WebForms 5.4 is vulnerable to directory traversal. By manipulating variables that reference files with ../ (and variations), it is possible to list all the directories and check if a particular file exists.

Affected Platforms (CPE)

📦

Systematic

Iris Webforms

= 5.4

References & Advisories

🔗 https://github.com/vulnerabilities-cve/vulnerabilities

相关漏洞威胁

CVE-2019-189259.8

Systematic IRIS WebForms 5.4 and its functionalities can be accessed and used without any form of authentication.

CVE-2019-1170810.0

Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the no...

CVE-2019-623510.0

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12...

CVE-2019-1858010.0

Dell EMC Storage Monitoring and Reporting version 4.3.1 contains a Java RMI Deserialization of Untrusted Data vulnerability. A rem...