mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 01:04:30 +00:00
678 B
678 B
CVE-2018-7668
Description
TestLink through 1.9.16 allows remote attackers to read arbitrary attachments via a modified ID field to /lib/attachments/attachmentdownload.php.
POC
Reference
- http://lists.openwall.net/full-disclosure/2018/02/28/1
- http://lists.openwall.net/full-disclosure/2018/02/28/1
Github
No PoCs found on GitHub currently.