cvedb.io
CVE-2018-5716
HIGH · CVSS 8.1
EPSS exploitation probability: 0%
Published 2018-02-21T15:29:00.633 · Last modified 2026-06-17T02:00:38.927

Summary

An issue was discovered in Reprise License Manager 11.0. This vulnerability is a Path Traversal where the attacker, by changing a field in the Web Request, can have access to files on the File System of the Server. By specifying a pathname in the POST parameter "lf" to the goform/edit_lf_get_data URI, the attacker can retrieve the content of a file.

Affected products

reprisesoftware — reprise_license_manager

Does this affect you?

Add your gear to cvedb and we'll alert you only when reprisesoftware ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.