VYPR
Medium severity6.5NVD Advisory· Published Sep 13, 2022· Updated Jun 17, 2026

CVE-2022-37191

CVE-2022-37191

Description

The component "cuppa/api/index.php" of CuppaCMS v1.0 is Vulnerable to LFI. An authenticated user can read system files via crafted POST request using [function] parameter value as LFI payload.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.