What is CVE-2018-12909?

CVE-2018-12909 is a vulnerability in N/a. Published 2018-06-27.

Is CVE-2018-12909 known to be exploited?

14 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2018-12909

Webgrind 1.5 relies on user input to display a file, which lets anyone view files from the local filesystem (that the webserver user has access to) via an index.php?op=fileviewer&file= URI. NOTE: the vendor indicates that the product is no…

EPSS: 0.897 (99.6th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

0day404/vulnerability-poc
20142995/Goby
20142995/pocsuite3
ARPSyndicate/cvemon
HimmelAward/Goby_
J1ezds/Vulnerability-Wiki-page
KayCHENvip/vulnerability-poc
Miraitowa70/POC-Notes
NyxAzrael/Goby_
Threekiii/Awesome-POC

References

github.com/jokkedk/webgrind/issues/112 (x_refsource_MISC)

Frequently asked questions

What is CVE-2018-12909?: CVE-2018-12909 is a vulnerability in N/a. Published 2018-06-27.
Is CVE-2018-12909 known to be exploited?: 14 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.