exploitDog

CVE-2024-34245

Опубликовано: 14 мая 2024

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

An arbitrary file read vulnerability in DedeCMS v5.7.114 allows authenticated attackers to read arbitrary files by specifying any path in makehtml_js_action.php.

Ссылки

https://github.com/Stoocea/Vulnerability-analysis-Notes/blob/main/cms/DedeCMS-V5.7.114%20%20Arbitrary%20file%20read%20vulnerability.md
Broken Link
Exploit
Third Party Advisory
https://github.com/Stoocea/Vulnerability-analysis-Notes/blob/main/cms/DedeCMS-V5.7.114%20%20Arbitrary%20file%20read%20vulnerability.md
Broken Link
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:dedecms:dedecms:5.7.114:*:*:*:*:*:*:*

EPSS

Процентиль: 62%

0.00432

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-22

Связанные уязвимости

GHSA-6gp9-jm2x-w6c4

CVSS3: 6.5

github

больше 1 года назад

An arbitrary file read vulnerability in DedeCMS v5.7.114 allows authenticated attackers to read arbitrary files by specifying any path in makehtml_js_action.php.

EPSS

Процентиль: 62%

0.00432

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-22