Directory Traversal Vulnerability in FlightCrew v0.9.2 and Older
CVE-2019-13241 · HIGH Severity
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
FlightCrew v0.9.2 and older are vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in a ZIP archive entry that is mishandled during extraction.
Learn more about our Web Application Penetration Testing UK.