CVE-2015-0867
SYNCK GRAPHICA Download Log CGI 3.0 - Path Traversal via Crafted Filename
Title source: llmDescription
Directory traversal vulnerability in SYNCK GRAPHICA Download Log CGI 3.0 and earlier allows remote attackers to read arbitrary files via a crafted filename.
References (3)
Core 3
Core References
Vendor Advisory x_refsource_confirm
http://www.synck.com/blogs/news/weblog_1420694040.html
Vendor Advisory third-party-advisory
x_refsource_jvndb
http://jvndb.jvn.jp/jvndb/JVNDB-2015-000006
Vendor Advisory third-party-advisory
x_refsource_jvn
http://jvn.jp/en/jp/JVN88559134/index.html
Scores
EPSS
0.0191
EPSS Percentile
77.3%
Details
CWE
CWE-22
Status
published
Products (1)
synck_graphica/download_log_cgi
3.0
Published
Jan 21, 2015
Tracked Since
Feb 18, 2026