Vulnerabilities > Rubedo Project

DATE CVE VULNERABILITY TITLE RISK
2018-09-11 CVE-2018-16836 Path Traversal vulnerability in Rubedo Project Rubedo
Rubedo through 3.4.0 contains a Directory Traversal vulnerability in the theme component, allowing unauthenticated attackers to read and execute arbitrary files outside of the service root path, as demonstrated by a /theme/default/img/%2e%2e/..//etc/passwd URI.
network
low complexity
rubedo-project CWE-22
critical
9.8