logo
Vulnerability feed
CONTRIBUTE

Vulnerability

warn

CVE-2020-14946

Reference to the description:

https://nvd.nist.gov/vuln/detail/CVE-2020-14946

Description:
downloadFile.ashx in the Administrator section of the Surveillance module in Global RADAR BSA Radar 1.6.7234.24750 and earlier allows users to download transaction files. When downloading the files, a user is able to view local files on the web server by manipulating the FileName and FilePath parameters in the URL, or while using a proxy. This vulnerability could be used to view local sensitive files or configuration files.
Last updated date:
01/30/2023
Type:
exploit
Confidence:
HIGH
Date of publishing:
07/14/2020
Reference url to background

https://github.com/wsummerhill/BSA-Radar_CVE-Vulnerabilities/blob/master/CVE-2020-14946%20-%20Local%20File%20Inclusion.md

Type:
exploit
Confidence:
HIGH
Date of publishing:
01/30/2023
Vulnerability FeedContributorsAboutBlog

@inTheWild

©2024

Privacy Policy