Unrated severityNVD Advisory· Published Nov 6, 2014· Updated Jun 17, 2026
CVE-2014-5258
CVE-2014-5258
Description
Directory traversal vulnerability in showTempFile.php in webEdition CMS before 6.3.9.0 Beta allows remote authenticated users to read arbitrary files via a .. (dot dot) in the file parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:webedition:webedition_cms:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:webedition:webedition_cms:*:*:*:*:*:*:*:*range: <=6.3.8.0
- (no CPE)range: <6.3.9.0
Patches
Vulnerability mechanics
References
5- packetstormsecurity.com/files/128301/webEdition-6.3.8.0-Path-Traversal.htmlnvdExploit
- www.htbridge.com/advisory/HTB23227nvdExploit
- www.webedition.org/de/aktuelles/webedition-cms/webEdition-6.3.9-Beta-erschienennvdVendor Advisory
- www.webedition.org/de/webedition-cms/versionshistorie/webedition-6/version-6.3.9.0nvdVendor Advisory
- www.securityfocus.com/archive/1/533465/100/0/threadednvd
News mentions
0No linked articles in our index yet.