SecuritySpace - CVE-2017-5480

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2017-5480

Description: Directory traversal vulnerability in inc/files/files.ctrl.php in b2evolution through 6.8.3 allows remote authenticated users to read or delete arbitrary files by leveraging back-office access to provide a .. (dot dot) in the fm_selected array parameter.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2017-5480
BugTraq ID: 95454
http://www.securityfocus.com/bid/95454

CVE ID:	CVE-2017-5480
Description:	Directory traversal vulnerability in inc/files/files.ctrl.php in b2evolution through 6.8.3 allows remote authenticated users to read or delete arbitrary files by leveraging back-office access to provide a .. (dot dot) in the fm_selected array parameter.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2017-5480 BugTraq ID: 95454 http://www.securityfocus.com/bid/95454