Unrated severityNVD Advisory· Published Apr 21, 2015· Updated May 6, 2026

CVE-2014-5370

Description

Directory traversal vulnerability in the CFChart servlet (com.naryx.tagfusion.cfm.cfchartServlet) in New Atlanta BlueDragon before 7.1.1.18527 allows remote attackers to read or possibly delete arbitrary files via a .. (dot dot) in the QUERY_STRING to cfchart.cfchart.

Affected products

New Atlanta/Bluedragon
cpe:2.3:a:new_atlanta:bluedragon:*:*:*:*:*:*:*:*
Range: <=7.1.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

packetstormsecurity.com/files/131504/BlueDragon-CFChart-Servlet-7.1.1.17759-Directory-Traversal.htmlnvdExploitThird Party Advisory
www.exploit-db.com/exploits/36815/nvdExploit
www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-5370/nvdExploit
seclists.org/fulldisclosure/2015/Apr/49nvdThird Party Advisory
www.osvdb.org/119527nvdBroken Link

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.009
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000