cbcvebase.
CVE-2014-5258
published 2014-11-06

Priority: P3 · 36 · medium · 4 (CVSS 2.0)
Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N
EXPLOIT
EPSS: 19.76% (97.1th percentile)
Directory traversal vulnerability in showTempFile.php in webEdition CMS before 6.3.9.0 Beta allows remote authenticated users to read arbitrary files via a .. (dot dot) in the file parameter.

Affected

1 range
Vendor | Product | Version range | Fixed in
webedition | webedition_cms | <= 6.3.8.0 |

Detection & IOCs

path: /webEdition/showTempFile.php
url: http://[host]/webEdition/showTempFile.php?file=../../../../etc/passwd
command: GET /webEdition/showTempFile.php?file=../../../../etc/passwd
  • Monitor HTTP GET requests to /webEdition/showTempFile.php containing directory traversal sequences (../) in the 'file' parameter, especially paths targeting sensitive files like /etc/passwd.
  • A successful exploitation response will return HTTP 200 with content matching 'root:.*:0:0:' (passwd file contents), indicating arbitrary file read.
  • Exploitation requires valid authenticated credentials; look for authenticated sessions making traversal requests to showTempFile.php.
  • Use Shodan query cpe:"cpe:2.3:a:webedition:webedition_cms" to identify exposed webEdition CMS instances for proactive scanning.
  • Exploitation requires an authenticated session; unauthenticated attackers cannot exploit this vulnerability directly.
  • The vulnerability affects webEdition CMS versions up to and including 6.3.8.0 (SVN-Revision: 6985); versions 6.3.9.0 Beta and later are patched.
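
As an added example (not from the advisory or the webEdition project), the following Python applies the monitoring guidance above to web-server access logs: it flags requests to showTempFile.php whose file parameter contains a `..` path segment after repeated percent-decoding. The log format, function names and sample lines are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Assumed access-log shape: ip ident user [time] "METHOD target PROTO" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "\S+ (?P<target>\S+) [^"]*" (?P<status>\d{3}) ')
TARGET_PATH = "/webedition/showtempfile.php"  # matched case-insensitively

# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '203.0.113.10 - - [06/Nov/2014:10:00:00 +0000] "GET /webEdition/showTempFile.php?file=../../../../etc/passwd HTTP/1.1" 200 1432',
    '203.0.113.10 - - [06/Nov/2014:10:00:05 +0000] "GET /webEdition/showTempFile.php?file=%252e%252e%252f%252e%252e%252fetc%252fpasswd HTTP/1.1" 403 210',
    '198.51.100.7 - - [06/Nov/2014:10:01:00 +0000] "GET /webEdition/showTempFile.php?file=report..final.pdf HTTP/1.1" 200 20480',
    '198.51.100.7 - - [06/Nov/2014:10:02:00 +0000] "GET /index.php?file=../x HTTP/1.1" 404 0',
]

def fully_decode(value, max_rounds=5):
    """Percent-decode repeatedly so double-encoded input (%252e) is normalised."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def has_traversal(value):
    """True if any path segment of the decoded value is exactly '..'."""
    return ".." in re.split(r"[\\/]+", fully_decode(value))

def scan(lines):
    """Return one finding per traversal attempt against showTempFile.php."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        url = urlsplit(m["target"])
        if not url.path.lower().endswith(TARGET_PATH):
            continue
        # parse_qs decodes once; has_traversal handles any further encoding layers
        for value in parse_qs(url.query, keep_blank_values=True).get("file", []):
            if has_traversal(value):
                findings.append({"ip": m["ip"], "status": int(m["status"]),
                                 "file": fully_decode(value)})
    return findings

if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        print(f)
```

Findings with status 200 are the ones to review first, since the access log alone cannot confirm whether file contents were returned.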