CVE-2015-10030

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in packagist/sukohi/surpass

Identifiers

GHSA-c9pw-f4wp-22jr, CVE-2015-10030

Package Slug

packagist/sukohi/surpass

Vulnerability

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Description

A vulnerability has been found in SUKOHI Surpass and classified as critical. This vulnerability affects unknown code of the file src/Sukohi/Surpass/Surpass.php. The manipulation of the argument dir leads to pathname traversal. Upgrading to version 1.0.0 is able to address this issue. The name of the patch is d22337d453a2a14194cdb02bf12cdf9d9f827aa7. It is recommended to upgrade the affected component. VDB-217642 is the identifier assigned to this vulnerability.

Affected Versions

All versions before 1.0.0

Solution

Upgrade to version 1.0.0 or above.

Last Modified

2023-01-13

source