The Orders Tracking for WooCommerce WordPress plugin before 1.2.6 doesn't validate the file_url parameter when importing a CSV file, allowing high privilege users with the manage_woocommerce capability to access any file on the web server via a Traversal attack. The identifier VDB-238637 was assigned to this vulnerability. The exploit has been disclosed to the public and may be used.
The manipulation of the argument filePath leads to path traversal.
This issue affects some unknown processing of the file PrintTemplateFileServlet.java. Relative Path Traversal in GitHub repository mintplex-labs/anything-llm prior to 0.0.1.Ī vulnerability, which was classified as critical, has been found in Yongyou UFIDA-NC up to 20230807.
0 kommentar(er)
