CVE-2021-44665

MEDIUM

Xerte < 3.10.3 - Path Traversal

Title source: rule

Description

A Directory Traversal vulnerability exists in the Xerte Project Xerte through 3.10.3 when downloading a project file via download.php.

Exploits (1)

exploitdb WORKING POC
by Rik Lutz · pythonwebappsphp
https://www.exploit-db.com/exploits/50794

References (2)

Scores

CVSS v3 6.5
EPSS 0.0546
EPSS Percentile 90.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-22
Status published
Products (1)
xerte/xerte < 3.10.3
Published Feb 24, 2022
Tracked Since Feb 18, 2026