CVE-2018-16485

Summary

Path Traversal vulnerability in module m-server <1.4.1 allows malicious user to access unauthorized content of any file in the directory tree e.g. /etc/passwd by appending slashes to the URL request.

Affected Software

VendorProductVersion RangeStatus
HackerOnem-server<1.4.1affected

Weaknesses

  • CWE-22: Path Traversal (CWE-22)

ADP Enrichment

CVE Program Container

Additional References

References