Medium severity6.5NVD Advisory· Published Jul 25, 2017· Updated Jun 17, 2026
CVE-2015-4462
CVE-2015-4462
Description
Absolute path traversal vulnerability in the file_manager component of eFront CMS before 3.6.15.5 allows remote authenticated users to read arbitrary files via a full pathname in the "Upload file from url" field in the file manager for professor.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: <3.6.15.5
- Range: <3.6.15.5
Patches
Vulnerability mechanics
References
2- mohankallepalli.blogspot.in/2015/05/eFront-cms-multiple-bugs.htmlnvdExploitThird Party Advisory
- forum.efrontlearning.net/viewtopic.phpnvdVendor Advisory
News mentions
0No linked articles in our index yet.