| |
Vulnerability CVE-2024-8941
Published: 2024-09-25
| Description: |
Path traversal vulnerability in Scriptcase version 9.4.019, in /scriptcase/devel/compat/nm_edit_php_edit.php (in the ??subpage? parameter), which allows unauthenticated remote users to bypass SecurityManager's intended restrictions and list and/or read a parent directory via a ??/...? or directly into a path used in the POST parameter ??field_file? by a web application. |
Type:
CWE-22 (Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'))
References: |
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-scriptcase
|
|
|
Copyright 2026, cxsecurity.com
|
|
|
