TCS BaNCS File Inclusion Vulnerability in REPORTS_SHOW_FILE.jsp

Vulnerability

A file inclusion vulnerability has been identified in TCS BaNCS version 10. The issue arises in the REPORTS_SHOW_FILE.jsp file, where the FilePath argument can be manipulated to include unauthorized files. However, the existence of this vulnerability is currently under scrutiny.

Impact

Exploitation of this vulnerability could lead to unauthorized file inclusion, potentially allowing an attacker to access sensitive information or execute malicious scripts on the server.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.5

exploitability

5.2

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.5

exploitability

5.2

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

TCS BaNCS File Inclusion Vulnerability in REPORTS_SHOW_FILE.jsp

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating