Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2021-36233

Disclosure Date: August 31, 2021 (last updated February 23, 2025)
The function AdminGetFirstFileContentByFilePath in MIK.starlight 7.9.5.24363 allows (by design) an authenticated attacker to read arbitrary files from the filesystem by specifying the file path.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0