Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Xuxueli Subscribe
Filtered by product Xxl-conf
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-20094 1 Xuxueli 1 Xxl-conf 2019-01-04 5.0 MEDIUM 7.5 HIGH
An issue was discovered in XXL-CONF 1.6.0. There is a path traversal vulnerability via ../ in the keys parameter that can download any configuration file, related to ConfController.java and PropUtil.java.