CVE-2019-20354 | piSignage up to 2.6.3 api/settings/log file path traversal (ID 155864 / EDB-47882)

10月 1, 2024
5:57 am

A vulnerability, which was classified as critical, was found in piSignage up to 2.6.3. This affects an unknown part of the file api/settings/log. The manipulation of the argument file with the input ../ leads to path traversal.

This vulnerability is uniquely identified as CVE-2019-20354. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

It is recommended to upgrade the affected component.

CVE-2019-20354 | piSignage up to 2.6.3 api/settings/log file path traversal (ID 155864 / EDB-47882)

Elvescore.io

Recent Posts

CVE-2024-12884 – Codezips E-Commerce Website SQL Injection

CVE-2024-51463 – IBM i SSRF

CVE-2024-51464 – IBM Navigator for i Access Bypass Vulnerability

CVE-2024-12883 – Code-projects Job Recruitment Cross Site Scripting

CVE-2024-12875 – Easy Digital Downloads WordPress Directory Traversal Vulnerability

CVE-2024-10453 – Elementor Website Builder Stored Cross-Site Scripting Vulnerability

CVE-2019-20354 | piSignage up to 2.6.3 api/settings/log file path traversal (ID 155864 / EDB-47882)

CVE-2019-20354 | piSignage up to 2.6.3 api/settings/log file path traversal (ID 155864 / EDB-47882)