CVE-2011-4715

Directory traversal vulnerability in cgi-bin/koha/mainpage.pl in Koha 3.4 before 3.4.7 and 3.6 before 3.6.1, and LibLime Koha 4.2 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the KohaOpacLanguage cookie to cgi-bin/opac/opac-main.pl, related to Output.pm.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:koha:liblime_koha:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:koha:koha:3.06.00.000:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:a:koha:koha:3.04.04:*:*:*:*:*:*:*
cpe:2.3:a:koha:koha:3.04.03:*:*:*:*:*:*:*
cpe:2.3:a:koha:koha:3.04.02:*:*:*:*:*:*:*
cpe:2.3:a:koha:koha:3.04.01:*:*:*:*:*:*:*
cpe:2.3:a:koha:koha:3.04.00:*:*:*:*:*:*:*
cpe:2.3:a:koha:koha:3.04.06:*:*:*:*:*:*:*
cpe:2.3:a:koha:koha:3.04.05:*:*:*:*:*:*:*

Information

Published : 2011-12-08 11:55

Updated : 2017-08-28 18:30


NVD link : CVE-2011-4715

Mitre link : CVE-2011-4715


JSON object : View

CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Advertisement

dedicated server usa

Products Affected

koha

  • koha
  • liblime_koha