Описание
An information disclosure vulnerability has been discovered in SeaCMS 13.1. The vulnerability exists in the admin_safe.php component located in the /btcoan/ directory. This security flaw allows authenticated administrators to scan and download not only the application’s source code but also potentially any file accessible on the server’s root directory.
Ссылки
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:seacms:seacms:13.1:*:*:*:*:*:*:*
EPSS
Процентиль: 17%
0.00054
Низкий
4.9 Medium
CVSS3
Дефекты
CWE-200
Связанные уязвимости
CVSS3: 4.9
github
4 месяца назад
An information disclosure vulnerability has been discovered in SeaCMS 13.1. The vulnerability exists in the admin_safe.php component located in the /btcoan/ directory. This security flaw allows authenticated administrators to scan and download not only the application’s source code but also potentially any file accessible on the server’s root directory.
EPSS
Процентиль: 17%
0.00054
Низкий
4.9 Medium
CVSS3
Дефекты
CWE-200