Directory Traversal Vulnerability in Pydio Cells before 1.5.0 Allows Privilege Escalation
CVE-2019-12901 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:P/A:P
Pydio Cells before 1.5.0 fails to neutralize '../' elements, allowing an attacker with minimum privilege to Upload files to, and Delete files/folders from, an unprivileged directory, leading to Privilege escalation.
Learn more about our Web Application Penetration Testing UK.