CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-11215

Absolute path traversal (incorrect restriction of a path to a restricted directory) vulnerability in the EasyPHP web server, affecting version 14.1. This vulnerability could allow remote users to bypass SecurityManager restrictions and retrieve any file stored on the server by setting only consecutive strings ‘/...%5c’.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 25.7%

CVSS Severity

CVSS v3 Score 6.5

References

https://www.incibe.es/en/incibe-cert/notices/aviso/path-traversal-vulnerability-easyphp

Products affected by CVE-2024-11215

Easyphp » Webserver » Version: 14.1

cpe:2.3:a:easyphp:webserver:14.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-11215

Products

Pricing

Contact Us