Multiple directory traversal vulnerabilities in class/session.php in Ganesha Digital Library (GDL) 4.2 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) newlang or (2) newtheme parameter.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2015-01-13T15:00:00
Updated: 2024-08-06T14:10:56.432Z
Reserved: 2015-01-13T00:00:00
Link: CVE-2014-100029
Vulnrichment
No data.
NVD
Status : Modified
Published: 2015-01-13T15:59:30.413
Modified: 2017-09-08T01:29:02.260
Link: CVE-2014-100029
Redhat
No data.