CVE-2012-1471

Directory traversal vulnerability in catalogue_file.php in ocPortal before 7.1.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.

Published: Oct 2, 2012
Updated: Apr 13, 2023
CVE: CVE-2012-1471
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-22

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
ocportal / ocportal	4.2.1	4.2.1.x
ocportal / ocportal	6.0-rc2	6.0-rc2.x
ocportal / ocportal	4.1	4.1.x
ocportal / ocportal	4.1.6	4.1.6.x
ocportal / ocportal	4.2.2	4.2.2.x
ocportal / ocportal	4.3-rc2	4.3-rc2.x
ocportal / ocportal	5.0-rc1	5.0-rc1.x
ocportal / ocportal	6.0.2	6.0.2.x
ocportal / ocportal	4.1.10	4.1.10.x
ocportal / ocportal	4.2-rc1	4.2-rc1.x
ocportal / ocportal	5.0.3	5.0.3.x
ocportal / ocportal	5.0.2	5.0.2.x
ocportal / ocportal	4.3-rc3	4.3-rc3.x
ocportal / ocportal	4.3.1	4.3.1.x
ocportal / ocportal	4.1.8	4.1.8.x
ocportal / ocportal	6.0	6.0.x
ocportal / ocportal	-	7.1.5.x
ocportal / ocportal	4.1.1	4.1.1.x
ocportal / ocportal	4.1.12	4.1.12.x
ocportal / ocportal	4.2-rc2	4.2-rc2.x
ocportal / ocportal	4.0.4	4.0.4.x
ocportal / ocportal	6.0-rc1	6.0-rc1.x
ocportal / ocportal	6.0-beta1	6.0-beta1.x
ocportal / ocportal	4.1.9	4.1.9.x
ocportal / ocportal	7.1.3	7.1.3.x
ocportal / ocportal	4.0.3	4.0.3.x
ocportal / ocportal	6.2-rc1	6.2-rc1.x
ocportal / ocportal	6.0-rc3	6.0-rc3.x
ocportal / ocportal	7.0.1	7.0.1.x
ocportal / ocportal	7.0	7.0.x
ocportal / ocportal	7.1	7.1.x
ocportal / ocportal	4.2-rc3	4.2-rc3.x
ocportal / ocportal	4.0.5	4.0.5.x
ocportal / ocportal	5.1-beta1	5.1-beta1.x
ocportal / ocportal	4.2-beta2	4.2-beta2.x
ocportal / ocportal	6.0-beta2	6.0-beta2.x
ocportal / ocportal	4.0.1	4.0.1.x
ocportal / ocportal	4.1.11	4.1.11.x
ocportal / ocportal	7.1.4	7.1.4.x
ocportal / ocportal	6.1.1	6.1.1.x
ocportal / ocportal	4.2	4.2.x
ocportal / ocportal	4.1.4	4.1.4.x
ocportal / ocportal	4.3.2	4.3.2.x
ocportal / ocportal	7.1.1	7.1.1.x
ocportal / ocportal	4.0.2	4.0.2.x
ocportal / ocportal	4.1.3	4.1.3.x
ocportal / ocportal	7.1.2	7.1.2.x
ocportal / ocportal	4.3-rc1	4.3-rc1.x
ocportal / ocportal	5.0.2-beta1	5.0.2-beta1.x
ocportal / ocportal	4.0	4.0.x
ocportal / ocportal	5.0	5.0.x
ocportal / ocportal	6.0.3	6.0.3.x
ocportal / ocportal	4.2-beta1	4.2-beta1.x
ocportal / ocportal	4.3	4.3.x
ocportal / ocportal	5.0.1	5.0.1.x
ocportal / ocportal	6.1	6.1.x
ocportal / ocportal	7.1-beta1	7.1-beta1.x
ocportal / ocportal	4.1.13	4.1.13.x
ocportal / ocportal	4.1.2	4.1.2.x
ocportal / ocportal	4.1.5	4.1.5.x
ocportal / ocportal	6.0.1	6.0.1.x

Vulnerability Database

CVE-2012-1471

Deep Security Visibility Without the Complexity