Vulnerability Details CVE-2021-33807
Cartadis Gespage through 8.2.1 allows Directory Traversal in gespage/doDownloadData and gespage/webapp/doDownloadData.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.759
EPSS Ranking 98.8%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- https://support.gespage.com/fr/support/solutions/articles/14000130201-security-advisory-gespage-directory-traversal
- https://www.cartadis.com/gespage-website/
- https://www.gespage.com
- https://www.on-x.com/sites/default/files/on-x_-_security_advisory_-_gespage_-_cve-2021-33807.pdf
- https://support.gespage.com/fr/support/solutions/articles/14000130201-security-advisory-gespage-directory-traversal
- https://www.cartadis.com/gespage-website/
- https://www.gespage.com
- https://www.on-x.com/sites/default/files/on-x_-_security_advisory_-_gespage_-_cve-2021-33807.pdf
Products affected by CVE-2021-33807
-
cpe:2.3:a:gespage:gespage:-
-
cpe:2.3:a:gespage:gespage:7.4.9
-
cpe:2.3:a:gespage:gespage:7.5.7
-
cpe:2.3:a:gespage:gespage:8.0.0
-
cpe:2.3:a:gespage:gespage:8.1.3
-
cpe:2.3:a:gespage:gespage:8.2.0
-
cpe:2.3:a:gespage:gespage:8.2.1