Unrated severityNVD Advisory· Published May 14, 2014· Updated May 6, 2026
CVE-2013-3514
CVE-2013-3514
Description
Multiple directory traversal vulnerabilities in OpenX before 2.8.10 revision 82710 allow remote administrators to read arbitrary files via a .. (dot dot) in the group parameter to (1) plugin-preferences.php or (2) plugin-settings.php in www/admin, a different vulnerability than CVE-2013-7376. NOTE: this can be leveraged using CSRF to allow remote unauthenticated attackers to read arbitrary files.
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- seclists.org/bugtraq/2013/Jul/27nvdExploit
- www.htbridge.com/advisory/HTB23155nvdExploit
- osvdb.org/94778nvd
News mentions
0No linked articles in our index yet.