← Back to CVE List
CVE-2019-18870
A path traversal via the iniFile parameter in excel.php in Blaauw Remote Kiln Control through v3.00r4 allows an authenticated attacker to download arbitrary files from the host machine.
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt