Openbravo ERP prior to 3.0PR19Q1.3 is affected by Directory Traversal. This vulnerability could allow remote authenticated malicious users to replace a file on the server via the getAttachmentDirectoryForNewAttachment inpKey value.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openbravo openbravo erp 3.0 |