High severity7.5NVD Advisory· Published Dec 20, 2017· Updated May 13, 2026

CVE-2017-17793

Description

Information Disclosure vulnerability in creer_fichier_zip in admin/maintenance.php in BlogoText through 3.7.6 allows remote attackers to defeat a filename-randomization protection mechanism, and read backup archives on Windows servers, by providing the archiv~1.zip name (aka an 8.3 filename).

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/BlogoText/blogotext/commit/101dc1d37010a1d877d6961ed2f32d089c708e91nvdPatch
github.com/BlogoText/blogotext/issues/345nvdIssue TrackingThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000