Arbitrary File Download Vulnerability in eBrigade 4.5 via Directory Traversal
CVE-2019-9622 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:N/A:N
eBrigade through 4.5 allows Arbitrary File Download via ../ directory traversal in the showfile.php file parameter, as demonstrated by reading the user-data/save/backup.sql file.
Learn more about our Cis Benchmark Audit For Microsoft Sql Server.