Path Traversal Vulnerability in Open XDMoD Allows Remote PDF File Reading

Path Traversal Vulnerability in Open XDMoD Allows Remote PDF File Reading

CVE-2018-16961 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

An issue was discovered in Open XDMoD through 7.5.0. html/gui/general/dl_publication.php allows Path traversal via the file parameter, allowing remote attackers to read PDF files in arbitrary directories.

Learn more about our Web Application Penetration Testing UK.