Overview
- Description
- Absolute path traversal (incorrect restriction of a path to a restricted directory) vulnerability in the EasyPHP web server, affecting version 14.1. This vulnerability could allow remote users to bypass SecurityManager restrictions and retrieve any file stored on the server by setting only consecutive strings ‘/...%5c’.
- Source
- cve-coordination@incibe.es
- NVD status
- Awaiting Analysis
Risk scores
CVSS 3.1
- Type
- Secondary
- Base score
- 6.5
- Impact score
- 3.6
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
Weaknesses
- cve-coordination@incibe.es
- CWE-22
Social media
- Hype score
- Not currently trending
CVE-2024-11215 Absolute Path Traversal Vulnerability in EasyPHP 14.1 Exploited There is a vulnerability in EasyPHP web server version 14.1. This is an absolute path traversal issue. It means the server does not c... https://t.co/kJaFSR4Bru
@VulmonFeeds
14 Nov 2024
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-11215 Absolute path traversal (incorrect restriction of a path to a restricted directory) vulnerability in the EasyPHP web server, affecting version 14.1. This vulnerabilit… https://t.co/8hIEfdfYdc
@CVEnew
14 Nov 2024
98 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes