High severity7.5NVD Advisory· Published Sep 25, 2024· Updated Jun 17, 2026
CVE-2024-8941
CVE-2024-8941
Description
Path traversal vulnerability in Scriptcase version 9.4.019, in /scriptcase/devel/compat/nm_edit_php_edit.php (in the “subpage” parameter), which allows unauthenticated remote users to bypass SecurityManager's intended restrictions and list and/or read a parent directory via a “/...” or directly into a path used in the POST parameter “field_file” by a web application.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: = 9.4.019
- Scriptcase/Scriptcasev5Range: 9.4.019
Patches
Vulnerability mechanics
References
1- www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-scriptcasenvdThird Party Advisory
News mentions
0No linked articles in our index yet.