{"uuid": "f852fa1d-b045-40d1-b399-373920d15106", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-19052", "type": "seen", "source": "https://t.me/arpsyndicate/2605", "content": "#ExploitObserverAlert\n\nCVE-2018-19052\n\nDESCRIPTION: Exploit Observer has 6 entries related to CVE-2018-19052. An issue was discovered in mod_alias_physical_handler in mod_alias.c in lighttpd before 1.4.50. There is potential ../ path traversal of a single directory above an alias target, with a specific mod_alias configuration where the matched alias lacks a trailing '/' character, but the alias target filesystem path does have a trailing '/' character.\n\nFIRST-EPSS: 0.004420000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2024-01-07T02:41:34.000000Z"}