CVE-2019-18870

A path traversal via the iniFile parameter in excel.php in Blaauw Remote Kiln Control through v3.00r4 allows an authenticated attacker to download arbitrary files from the host machine.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:blaauwproducts:remote_kiln_control:*:*:*:*:*:*:*:*
cpe:2.3:a:blaauwproducts:remote_kiln_control:3.0.0:-:*:*:*:*:*:*
cpe:2.3:a:blaauwproducts:remote_kiln_control:3.0.0:v4:*:*:*:*:*:*

Information

Published : 2020-05-07 07:15

Updated : 2020-05-12 12:19


NVD link : CVE-2019-18870

Mitre link : CVE-2019-18870


JSON object : View

CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Advertisement

dedicated server usa

Products Affected

blaauwproducts

  • remote_kiln_control