exploitDog

GHSA-5rqj-g24x-g4wv

Опубликовано: 29 нояб. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 9.1

Описание

Dreamer CMS before version 4.0.1 is vulnerable to Directory Traversal. Background template management allows arbitrary modification of the template file, allowing system sensitive files to be read.

Dreamer CMS before version 4.0.1 is vulnerable to Directory Traversal. Background template management allows arbitrary modification of the template file, allowing system sensitive files to be read.

Ссылки

EPSS

Процентиль: 69%

0.00586

Низкий

9.1 Critical

CVSS3

CVE ID

Дефекты

CWE-22

Связанные уязвимости

CVE-2023-46886

CVSS3: 9.1

nvd

около 2 лет назад

Dreamer CMS before version 4.0.1 is vulnerable to Directory Traversal. Background template management allows arbitrary modification of the template file, allowing system sensitive files to be read.

EPSS

Процентиль: 69%

0.00586

Низкий

9.1 Critical

CVSS3

CVE ID

Дефекты

CWE-22