Filtered by vendor Tipask Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-41714 1 Tipask 1 Tipask 2024-11-21 7.7 High
In Tipask < 3.5.9, path parameters entered by the user are not validated when downloading attachments, a registered user can download arbitrary files on the Tipask server such as .env, /etc/passwd, laravel.log, causing infomation leakage.