High severity7.5NVD Advisory· Published Jan 21, 2020· Updated Jun 17, 2026
CVE-2019-14767
CVE-2019-14767
Description
In DIMO YellowBox CRM before 6.3.4, Path Traversal in images/Apparence (dossier=../) and servletrecuperefichier (document=../) allows an unauthenticated user to download arbitrary files from the server.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- DIMO/YellowBox CRMdescription
- Range: <6.3.4
Patches
Vulnerability mechanics
References
3- gist.github.com/sm0k/5de26614282669b0bcfa719b87c17305nvdThird Party Advisory
- www.dimo-crm.fr/blog-crm/nvdVendor Advisory
- www.elysium-security.com/sitemap.phpnvdNot Applicable
News mentions
0No linked articles in our index yet.