CVE-2025-60915

High CVSS: 8.1

An issue in the size query parameter (/views/file.py) of Austrian Archaeological Institute Openatlas before v8.12.0 allows attackers to execute a path traversal via a crafted request.

Vendor

Craws

Product

Openatlas

CWE

CWE-22

Yayın Tarihi

2025-11-24 16:15:50

Güncelleme

2025-11-28 16:22:43

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-22 Openatlas HIGH Craws 2025

Referanslar

https://www.sec4you-pentest.com/schwachstelle/openatlas-schwachstelle-lfi-konfigurationsdatei-exfiltration/ https://www.sec4you-pentest.com/schwachstellen/

Benzer Kayıtlar

Medium

CVE-2025-60917

A reflected cross-site scripting (XSS) vulnerability in the /overview/network/ endpoint of Austrian Archaeological Insti…

Medium

CVE-2025-60914

Incorrect access control in Austrian Archaeological Institute Openatlas before v8.12.0 allows attackers to access sensit…

Medium

CVE-2025-60916

A reflected cross-site scripting (XSS) vulnerability in the /overview/network/ endpoint of Austrian Archaeological Insti…

Medium

CVE-2025-56423

An issue in Austrian Academy of Sciences (AW) Austrian Archaeological Institute OpenAtlas v.8.12.0 allows a remote attac…

Medium

CVE-2025-40707

Cross-Site Scripting (XSS) vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultura…

Medium

CVE-2025-40708

Cross-Site Scripting (XSS) vulnerability in OpenAtlas v8.9.0 from the Austrian Centre for Digital Humanities and Cultura…