CVE-2019-25099

MEDIUM

Arthmoor QSF-Portal - Path Traversal

Title source: llm

Description

A vulnerability classified as critical was found in Arthmoor QSF-Portal. This vulnerability affects unknown code of the file index.php. The manipulation of the argument a leads to path traversal. The patch is identified as ea4f61e23ecb83247d174bc2e2cbab521c751a7d. It is recommended to apply a patch to fix this issue. VDB-217558 is the identifier assigned to this vulnerability.

References (3)

Core 3

Core References

Permissions Required, Third Party Advisory vdb-entry technical-description

https://vuldb.com/?id.217558

Permissions Required, Third Party Advisory signature permissions-required

https://vuldb.com/?ctiid.217558

Patch patch

https://github.com/Arthmoor/QSF-Portal/commit/ea4f61e23ecb83247d174bc2e2cbab521c751a7d

View Patch ZIP pw:eip

Scores

CVSS v3 5.5

EPSS 0.0065

EPSS Percentile 46.5%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-22

Status published

Products (1)

afkmods/qsf-portal < 2019-04-29

Published Jan 06, 2023

Tracked Since Feb 18, 2026