CVE-2021-44664 | Xerte up to 3.9 fileupload.php mediapath path traversal (EDB-50795)
A vulnerability classified as critical was found in Xerte up to 3.9. Affected by this vulnerability is an unknown functionality of the file website_code/php/import/fileupload.php. The manipulation of the argument mediapath leads to path traversal.
This vulnerability is known as CVE-2021-44664. The attack can be launched remotely. Furthermore, there is an exploit available.
It is recommended to apply a patch to fix this issue.