CVE-2017-7258
HIGHeMLi School Management 1.0, eMLi College Campus Management 1.0, and eMLi University Management 1.0 - Path Traversal
Title source: llmDescription
HTTP Exploit in eMLi Portal in AuroMeera Technometrix Pvt. Ltd. eMLi allows an Attacker to View Restricted Information or (even more seriously) execute powerful commands on the web server which can lead to a full compromise of the system via Directory Path Traversal, as demonstrated by reading core-emli/Storage. The affected versions are eMLi School Management 1.0, eMLi College Campus Management 1.0, and eMLi University Management 1.0.
References (2)
Core 2
Core References
Third Party Advisory x_refsource_misc
https://sudoat.blogspot.in/2017/03/path-traversal-vulnerability-in-emli.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/97255
Scores
CVSS v3
7.5
EPSS
0.0225
EPSS Percentile
80.7%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-22
Status
published
Products (1)
auromeera/emli
1.0
Published
Mar 29, 2017
Tracked Since
Feb 18, 2026