CVE-2017-10993

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2017-10993

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-10993.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2017-10993

Aliases

GHSA-x5g4-crxq-qxjx

Published

2017-07-21T06:29:00Z

Modified

2024-09-03T01:36:49.594862Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Contao before 3.5.28 and 4.x before 4.4.1 allows remote attackers to include and execute arbitrary local PHP files via a crafted parameter in a URL, aka Directory Traversal.

References

https://contao.org/en/news/contao-3_5_28.html

Affected packages

Git / github.com/contao/contao

Affected ranges

Type: GIT
Repo: https://github.com/contao/contao
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

016d79339da322e7833de7184650f17ea95318c4

Last affected

0b0cd9482a0ada6594519155134b039376772312

Last affected

0b42db38002744491efb142cd3f340d946b2e804

Last affected

12799fc7605d2becc14b9e904e130e8b72f1cb8d

Last affected

287ed0b9d24a0d02d70dfb3ef567840f2eb58082

Last affected

296880d1ff5ce6c7e963410698459f78244a8950

Last affected

345201b98d1d37e4b44a9a4d36df5b03aa389234

Last affected

359c17379be372eb9b41743b6f31a42462cdd215

Last affected

3da20aedee6ec2250af9a1d92a028f6401e44816

Last affected

50db87d80a30bea85b0e693620f747f67337c64b

Last affected

5c94502c55f9469b8b48d257137ef231dddc6468

Last affected

5f5d67d321fef5800ed8b023bcf5dfb9191d450c

Last affected

6436d895c13ac9f04b28776bb565c1b1ad50cca5

Last affected

668941d3048dd70ec8cd690054504d10e6cccc8b

Last affected

695264cc3c9bc5ef2b784bef6764cb4df682fbf1

Last affected

6bf08cb496f01550caf3f6868c859049ce8f9ebb

Last affected

797f42e0b7bc67f8b5e6d65b8bf2244bb3783979

Last affected

80a0db00230013ccc7ac8c6be4363c64c0719ca5

Last affected

84b2fe637d5ead531f117f26b48d1b9de8df4074

Last affected

87ea7b3fa846a9a0872f89e2d9dd0d3ff1c4fa30

Last affected

8dfa391d181bddd2c4f6a8385bc01fe401edeb35

Last affected

9cce4ac566e1d3a4abc9984b111b022370b41045

Last affected

a112b68dcb5215b01f2c4c4b8de6bcb3d3b9ae81

Last affected

a23e00073cefcc99fdfe13e8eda60245be49925d

Last affected

ac7cbcd6c75ea85fb6e1dd0eb5d0c05fc794f4a6

Last affected

afeedc98905a9dedd598f5a5814decc1ad1b008d

Last affected

b1a824d5d73c44d897ebfac815fb1a5918903ff9

Last affected

b7926bae1eadebce0d685f3f12bd6f40cd3968e6

Last affected

b9679b43745e3e1be61b672328c9304e01fe6637

Last affected

c71f32b3d95e67e1417926c51da184dcf4f9ffbb

Last affected

da8a867d8335c4ca55e5085dac11f1fecd12650e

Last affected

dfb96f2755181aedb587e897316a656dd933df31

Last affected

e5f8c84d828d3373c8baa71836b58f8b45133d7d

Last affected

e99d03e1a226ebff85ba078c008d579d61ce212a

Last affected

f3c4140f8c2a6ce36c819526c28a27ee7e00bba7

Last affected

fd877b5e0540fb7436fe396b669b00a6497b3a67

Last affected

fe7b7b6441c23315593993941a50dd5b4cffc048

Type: GIT
Repo: https://github.com/contao/core
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

a44556644b8e548fce79d0ae5f07fc84b940f18d

Affected versions

2.*

2.10.4

2.11.0

2.11.1

2.11.2

2.11.3

2.11.4

2.11.5

2.11.6

2.11.RC1

2.11.RC2

2.6.3

3.*

3.0.0

3.0.1

3.0.2

3.0.3

3.0.4

3.0.5

3.0.6

3.0.RC1

3.0.RC2

3.0.beta1

3.1.0

3.1.1

3.1.2

3.1.3

3.1.4

3.1.5

3.1.RC1

3.1.beta1

3.2.0

3.2.1

3.2.10

3.2.11

3.2.12

3.2.13

3.2.15

3.2.16

3.2.17

3.2.18

3.2.19

3.2.2

3.2.3

3.2.4

3.2.5

3.2.6

3.2.7

3.2.8

3.2.9

3.2.RC1

3.2.beta1

3.2.beta2

3.3.0

3.3.0-RC1

3.3.0-RC2

3.3.0-beta1

3.3.1

3.3.2

3.3.3

3.3.4

3.3.5

3.3.6

3.3.7

3.3.RC1

3.3.RC2

3.3.beta1

3.4.0

3.4.0-RC1

3.4.0-beta1

3.4.1

3.4.2

3.4.3

3.4.4

3.4.5

3.5.0

3.5.0-RC1

3.5.0-beta1

3.5.1

3.5.10

3.5.11

3.5.12

3.5.13

3.5.14

3.5.15

3.5.16

3.5.17

3.5.18

3.5.19

3.5.2

3.5.20

3.5.21

3.5.22

3.5.23

3.5.24

3.5.25

3.5.26

3.5.27

3.5.3

3.5.4

3.5.5

3.5.6

3.5.7

3.5.8

3.5.9