CVE-2024-5018

CVSS V2 None CVSS V3 None
Description
In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Path Traversal vulnerability exists Wug.UI.Areas.Wug.Controllers.SessionController.LoadNMScript. This allows allows reading of any file from the applications web-root directory .
Overview
  • CVE ID
  • CVE-2024-5018
  • Assigner
  • ProgressSoftware
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-06-25T20:27:11.395Z
  • Last Modified Date
  • 2024-06-25T20:27:11.395Z
History
Created Old Value New Value Data Type Notes
2024-06-26 19:24:00 Added to TrackCVE