Bearadmin Project - Bearadmin CVE

Filtered by vendor Bearadmin Project Subscribe

Filtered by product Bearadmin

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2018-11413	1 Bearadmin Project	1 Bearadmin	2018-06-25	4.0 MEDIUM	6.5 MEDIUM
An issue was discovered in BearAdmin 0.5. Remote attackers can download arbitrary files via /admin/databack/download.html?name= directory traversal sequences, as demonstrated by name=../application/database.php to read the MySQL credentials in the configuration.

Vulnerabilities (CVE)