Squeeze
Monthly
Squeeze versions 1.7.7 and earlier contain a path traversal vulnerability that allows authenticated attackers to access files outside the intended directory through manipulated file paths. An attacker with valid credentials could leverage this flaw to read sensitive files on the affected system, though code execution and data modification are not possible.
Unrestricted Upload of File with Dangerous Type vulnerability in Bogdan Bendziukov Squeeze allows Code Injection.4. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Squeeze versions 1.7.7 and earlier contain a path traversal vulnerability that allows authenticated attackers to access files outside the intended directory through manipulated file paths. An attacker with valid credentials could leverage this flaw to read sensitive files on the affected system, though code execution and data modification are not possible.
Unrestricted Upload of File with Dangerous Type vulnerability in Bogdan Bendziukov Squeeze allows Code Injection.4. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.