CVE-2018-19114

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2018-19114

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-19114.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2018-19114

Published

2018-11-08T18:29:00.460Z

Modified

2026-04-10T04:08:05.288920Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

An issue was discovered in MinDoc through v1.0.2. It allows attackers to gain privileges by uploading an image file with contents that represent an admin session, and then sending a Cookie: header with a mindocid value containing the relative pathname of this uploaded file. For example, the mindocid (aka session ID) could be of the form aa/../../uploads/blog/201811/attach_#.jpg where '#' is a hex value displayed in the upload field of a manage/blogs/edit/ screen.

References

https://github.com/lifei6671/mindoc/issues/384

Affected packages

Git / github.com/lifei6671/mindoc

Affected ranges

Type

GIT

Repo

https://github.com/lifei6671/mindoc

Events

Introduced

Last affected

1d8d74afb16dbc275a07f72acaa3463c40493c83

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.2"
        }
    ]
}

Affected versions

v0.*

v0.1

v0.1.1

v0.1.2

v0.10

v0.10.1

v0.11

v0.12

v0.13

v0.13.1

v0.13.2

v0.13.3

v0.13.4

v0.3

v0.4

v0.5

v0.5.1

v0.7

v0.7.1

v0.7.2

v0.7.3

v0.8

v0.8.1

v0.9

v1.*

v1.0

v1.0.1

v1.0.2

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-19114.json"