Path Traversal in Searchblox
CVE-2013-3598
Directory traversal vulnerability in servlet/CreateTemplateServlet in SearchBlox before 7.5 build 1 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the name parameter.
Vulnerability class: Path Traversal (Directory Traversal)
EPSS: 0.022 (80.0th percentile) — read the EPSS interpretation.
Affected products
- Searchblox — versions 6.2, 6.3, 6.4
- N/a — versions n/a
Weakness classification (CWE)
References
- cret@cert.org (US Government Resource, x_refsource_CERT-VN, third-party-advisory)
- cret@cert.org (x_refsource_OSVDB, vdb-entry)
- cret@cert.org (x_refsource_MISC)
- cret@cert.org (x_refsource_CONFIRM)