Arbitrary File Listing and Download Vulnerability in SmartVista Cardgen v3.28.0
CVE-2022-38614 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
An issue in the IGB Files and OutfileService features of SmartVista Cardgen v3.28.0 allows attackers to list and download arbitrary files via modifying the PATH parameter.
Learn more about our Web Application Penetration Testing UK.