Lucene search
GoogleOSV:GHSA-4R6G-XHX7-FM36HistoryMay 17, 2022 - 2:42 a.m.
Contao Core directory traversal vulnerability
2022-05-1702:42:22
Google
osv.dev
8
Directory traversal vulnerability in Contao before 3.2.19, and 3.4.x before 3.4.4 allows remote authenticated backend users to view files outside their file mounts or the document root via unspecified vectors.
| CPE | Name | Operator | Version |
|---|---|---|---|
| contao/core | eq | 3.0.RC2 | |
| contao/core | eq | 2.6.8 | |
| contao/core | eq | 2.6.3 | |
| contao/core | eq | 2.7.6 | |
| contao/core | eq | 3.2.2 | |
| contao/core | eq | 2.8.0 | |
| contao/core | eq | 2.10.2 | |
| contao/core | eq | 2.7.5 | |
| contao/core | eq | 2.11.RC1 | |
| contao/core | eq | 3.2.17 |
References
contao.org/en/news/contao-3_2_19.html
contao.org/en/news/contao-3_4_4.html
contao.org/en/news/directory-traversal-vulnerability-cve-2015-0269.html
github.com/contao/core
github.com/contao/core/commit/0229e839b4849e402256b972eb62f89f2c29674d
github.com/FriendsOfPHP/security-advisories/blob/master/contao/core/CVE-2015-0269.yaml
nvd.nist.gov/vuln/detail/CVE-2015-0269
Related
cve
cve
CVE-2015-0269
2017-05-26 17:29:00
friendsofphp
friendsofphp
github
github
Contao Core directory traversal vulnerability
2022-05-17 02:42:22
contao
contao
Directory traversal in the back end
2015-02-12 00:00:00
prion
prion
Directory traversal
2017-05-26 17:29:00
nvd
nvd
CVE-2015-0269
2017-05-26 17:29:00
cvelist
cvelist
CVE-2015-0269
2017-05-26 17:00:00