VYPR
Unrated severityNVD Advisory· Published Feb 2, 2014· Updated Jun 17, 2026

CVE-2013-7300

CVE-2013-7300

Description

Absolute path traversal vulnerability in cantata before 1.2.2 allows local users to read arbitrary files via a full pathname in a request to the internal httpd server. NOTE: this vulnerability can be leveraged by remote attackers using CVE-2013-7301.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

21
  • cpe:2.3:a:craig_drummond:cantata:*:*:*:*:*:*:*:*+ 19 more
    • cpe:2.3:a:craig_drummond:cantata:*:*:*:*:*:*:*:*range: <=1.2.1
    • cpe:2.3:a:craig_drummond:cantata:0.7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:craig_drummond:cantata:0.7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:craig_drummond:cantata:0.8.0:*:*:*:*:*:*:*
    • cpe:2.3:a:craig_drummond:cantata:0.8.1:*:*:*:*:*:*:*
    • cpe:2.3:a:craig_drummond:cantata:0.8.2:*:*:*:*:*:*:*
    • cpe:2.3:a:craig_drummond:cantata:0.8.3:*:*:*:*:*:*:*
    • cpe:2.3:a:craig_drummond:cantata:0.8.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:craig_drummond:cantata:0.9.0:*:*:*:*:*:*:*
    • cpe:2.3:a:craig_drummond:cantata:0.9.1:*:*:*:*:*:*:*
    • cpe:2.3:a:craig_drummond:cantata:0.9.2:*:*:*:*:*:*:*
    • cpe:2.3:a:craig_drummond:cantata:1.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:craig_drummond:cantata:1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:craig_drummond:cantata:1.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:craig_drummond:cantata:1.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:craig_drummond:cantata:1.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:craig_drummond:cantata:1.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:craig_drummond:cantata:1.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:craig_drummond:cantata:1.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:craig_drummond:cantata:1.2.0:*:*:*:*:*:*:*
  • Cantata/cantatallm-create
    Range: <1.2.2

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.