Today > | 1 Medium vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-34315

May 7, 2024, 8:07 p.m.

Product(s) Impacted

CmsEasy

  • 7.7.7.9

Description

CmsEasy v7.7.7.9 was discovered to contain a local file inclusion vunerability via the file_get_contents function in the fckedit_action method of /admin/template_admin.php. This vulnerability allows attackers to read arbitrary files.

Weaknesses

Date

Published: May 7, 2024, 7:15 p.m.

Last Modified: May 7, 2024, 8:07 p.m.

Status : Awaiting Analysis

CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.

More info

Source

cve@mitre.org

References

https://github.com/ cve@mitre.org