RSS   Vulnerabilities for 'Maarch rm'   RSS

2020-01-17
 
CVE-2019-15855

CWE-22
 

 
An issue was discovered in Maarch RM before 2.5. A path traversal vulnerability allows an unauthenticated remote attacker to overwrite any files with a crafted POST request if the default installation procedure was followed. This results in a permanent Denial of Service.

 
 
CVE-2019-15854

CWE-269
 

 
An issue was discovered in Maarch RM before 2.5. A privilege escalation vulnerability allows an authenticated user with lowest privileges to give herself highest administration privileges via a crafted PUT request to an unauthorized resource.

 

 >>> Vendor: Maarch 4 Products
Maarch
Letterbox
Gec/ged
Maarch rm


Copyright 2024, cxsecurity.com

 

Back to Top