CVE-2016-15019
15.01.2023, 19:15
A vulnerability was found in tombh jekbox. It has been rated as problematic. This issue affects some unknown processing of the file lib/server.rb. The manipulation leads to exposure of information through directory listing. The attack may be initiated remotely. The patch is named 64eb2677671018fc08b96718b81e3dbc83693190. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218375.
| Vendor | Product | Version |
|---|---|---|
| jekbox_project | jekbox | 𝑥 < 2016-02-01 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-548 - Exposure of Information Through Directory ListingA directory listing is inappropriately exposed, yielding potentially sensitive information to attackers.
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')The software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.