CVE-2012-1089
published 2012-03-23CVE-2012-1089: Directory traversal vulnerability in Apache Wicket 1.4.x before 1.4.20 and 1.5.x before 1.5.5 allows remote attackers to read arbitrary web-application files…
medium5CVSS 3.1
AVNACLAuNCPINAN
Directory traversal vulnerability in Apache Wicket 1.4.x before 1.4.20 and 1.5.x before 1.5.5 allows remote attackers to read arbitrary web-application files via a relative pathname in a URL for a Wicket resource that corresponds to a null package.
Affected
25 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | wicket | — | — |
| apache | wicket | — | — |
| apache | wicket | — | — |
| apache | wicket | — | — |
| apache | wicket | — | — |
| apache | wicket | — | — |
| apache | wicket | — | — |
| apache | wicket | — | — |
| apache | wicket | — | — |
| apache | wicket | — | — |
| apache | wicket | — | — |
| apache | wicket | — | — |
| apache | wicket | — | — |
| apache | wicket | — | — |
| apache | wicket | — | — |
| apache | wicket | — | — |
| apache | wicket | — | — |
| apache | wicket | — | — |
| apache | wicket | — | — |
| apache | wicket | — | — |
| apache | wicket | — | — |
| apache | wicket | — | — |
| apache | wicket | — | — |
| apache | wicket | — | — |
| apache | wicket | — | — |