CVE-2014-8555

Progress Openedge - Path Traversal

Title source: rule

Description

Directory traversal vulnerability in report/reportViewAction.jsp in Progress Software OpenEdge 11.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the selection parameter.

Exploits (1)

exploitdb WRITEUP

by XLabs Security · textwebappsjsp

https://www.exploit-db.com/exploits/35127

View Code ZIP pw:eip

References (4)

Core 4

Core References

Exploit exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/35127

Exploit x_refsource_misc

http://packetstormsecurity.com/files/129052/Progress-OpenEdge-11.2-Directory-Traversal.html

Various Sources x_refsource_misc

https://www.xlabs.com.br/blog/?p=256

Exploit, Third Party Advisory exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/35207

Scores

EPSS 0.0352

EPSS Percentile 87.7%

Details

CWE

CWE-22

Status published

Products (1)

progress/openedge 11.2

Published Nov 12, 2014

Tracked Since Feb 18, 2026