RSS   Vulnerabilities for 'Railo'   RSS

2020-02-07
 
CVE-2014-5468

CWE-20
 

 
A File Inclusion vulnerability exists in Railo 4.2.1 and earlier via a specially-crafted URL request to the thumbnail.cfm to specify a malicious PNG file, which could let a remote malicious user obtain sensitive information or execute arbitrary code.

 


Copyright 2024, cxsecurity.com

 

Back to Top