CVE-2017-17793
N/A
N/A
Summary
Information Disclosure vulnerability in creer_fichier_zip in admin/maintenance.php in BlogoText through 3.7.6 allows remote attackers to defeat a filename-randomization protection mechanism, and read backup archives on Windows servers, by providing the archiv~1.zip name (aka an 8.3 filename).
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://github.com/BlogoText/blogotext/commit/101dc1d37010a1d877d6961ed2f32d089c708e91
- https://github.com/BlogoText/blogotext/issues/345
References
- https://github.com/BlogoText/blogotext/commit/101dc1d37010a1d877d6961ed2f32d089c708e91
- https://github.com/BlogoText/blogotext/issues/345
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.