CVE-2018-1000535
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2018-1000535
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-1000535.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2018-1000535
- Published
- 2018-06-26T16:29:01.993Z
- Modified
- 2025-11-14T05:23:59.115707Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
lms version <= LMS_011123 contains a Local File Disclosure vulnerability in File reading functionality in LMS module that can result in Possible to read files on the server. This attack appear to be exploitable via GET parameter. This vulnerability appears to have been fixed in after commit 254765e.
- References
Affected packages
Git / github.com/lmsgit/lms
Affected ranges
- Type
- GIT
- Repo
- https://github.com/lmsgit/lms
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected
Affected versions
Other
LMS_010000_rc1
LMS_0100_pre1
LMS_0100_pre10
LMS_0100_pre2
LMS_0100_pre3
LMS_0100_pre4
LMS_0100_pre5
LMS_0100_pre6
LMS_0100_pre7
LMS_0100_pre8
LMS_0100_pre9
LMS_010100
LMS_010101
LMS_010102
LMS_010103
LMS_010104
LMS_010105
LMS_010107
LMS_010302
LMS_010501
LMS_010502
LMS_010503
LMS_010504
LMS_010505
LMS_010506
LMS_010700
LMS_010701
LMS_010703
LMS_010900
LMS_010907
LMS_011102
LMS_011103
LMS_011104
LMS_011105
LMS_011106
LMS_011107
LMS_011108
LMS_011109
LMS_011114
LMS_011115
LMS_011116
LMS_011117
LMS_011118
LMS_011119
LMS_011120
LMS_011121
LMS_011122
LMS_011123
NO_LANGUAGE_SUPPORT
OLD_FINANCES
X_Apophis
X_Aris
X_Belos
X_Bray
X_Cronos
X_Dira
X_Doci
X_Grannus
X_Idos
X_Ju
X_Jumar
X_Kinsey
X_Kri
X_Marduk
X_Maybourne
X_Mot
X_Osiris
X_Seth
X_Shaq'Ran
X_Sokar
X_Tagar
X_Talus
X_Terok
X_Thanos
X_Thoth
X_Wraith
X_Zarin
hunter-devel
multilanguage