High severity7.5NVD Advisory· Published Sep 23, 2019· Updated Jun 17, 2026
CVE-2019-13063
CVE-2019-13063
Description
Within Sahi Pro 8.0.0, an attacker can send a specially crafted URL to include any victim files on the system via the script parameter on the Script_view page. This will result in file disclosure (i.e., being able to pull any file from the remote victim application). This can be used to steal and obtain sensitive config and other files. This can result in complete compromise of the application. The script parameter is vulnerable to directory traversal and both local and remote file inclusion.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Sahi Pro/Sahi Prodescription
Patches
Vulnerability mechanics
References
2- www.exploit-db.com/exploits/47062nvdExploitThird Party AdvisoryVDB Entry
- sahipro.com/downloads-archive/nvdVendor Advisory
News mentions
0No linked articles in our index yet.