VYPR
High severity7.5OSV Advisory· Published Jun 27, 2018· Updated Jun 17, 2026

CVE-2018-12909

CVE-2018-12909

Description

Webgrind 1.5 relies on user input to display a file, which lets anyone view files from the local filesystem (that the webserver user has access to) via an index.php?op=fileviewer&file= URI. NOTE: the vendor indicates that the product is not intended for a "publicly accessible environment.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Jokkedk/WebgrindOSV2 versions
    0.3, 0.4, 0.5, …+ 1 more
    • (no CPE)range: 0.3, 0.4, 0.5, …
    • (no CPE)range: =1.5

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.