Medium severity6.5NVD Advisory· Published Sep 13, 2022· Updated Jun 17, 2026
CVE-2022-37191
CVE-2022-37191
Description
The component "cuppa/api/index.php" of CuppaCMS v1.0 is Vulnerable to LFI. An authenticated user can read system files via crafted POST request using [function] parameter value as LFI payload.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Cuppa/CuppaCMSdescription
Patches
Vulnerability mechanics
References
1- github.com/CuppaCMS/CuppaCMS/issues/20nvdExploitIssue TrackingThird Party Advisory
News mentions
0No linked articles in our index yet.