Directory traversal vulnerability in lib/functions/d-load.php in Horizon Quick Content Management System (QCMS) 4.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the start parameter.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2014-01-09T15:00:00
Updated: 2024-08-06T18:01:18.898Z
Reserved: 2013-12-18T00:00:00
Link: CVE-2013-7138
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2014-01-09T18:55:08.197
Modified: 2014-06-27T17:08:16.167
Link: CVE-2013-7138
Redhat
No data.