CVE-2014-4306
Directory traversal vulnerability in logs-x.php in WebTitan before 4.04 allows remote attackers to read arbitrary files via a .. (dot dot) in the logfile parameter in a download action.
Ver en NVDSeveridad
N/A
EPSS
Probabilidad de explotación (próx. 30 días): 0.0638 (6.4%)
Percentil: 91.1%
EPSS: 2026-05-06
Afecta
webtitan:webtitanDescripción técnica
Directory traversal vulnerability in logs-x.php in WebTitan before 4.04 allows remote attackers to read arbitrary files via a .. (dot dot) in the logfile parameter in a download action.
Publicada: 18/6/2014, 14:55:13
Última modificación: 6/5/2026, 22:30:45
Referencias
- http://packetstormsecurity.com/files/126984/WebTitan-4.01-Build-68-SQL-Injection-Command-Execution.html
- https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140606-0_WebTitan_Multiple_Vulnerabilities_v10.txt
- http://packetstormsecurity.com/files/126984/WebTitan-4.01-Build-68-SQL-Injection-Command-Execution.html
- https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140606-0_WebTitan_Multiple_Vulnerabilities_v10.txt