Critical severityNVD Advisory· Published Nov 30, 2023· Updated Aug 2, 2024

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in PHPMemcachedAdmin

CVE-2023-6026

Description

A Path traversal vulnerability has been reported in elijaa/phpmemcachedadmin affecting version 1.3.0. This vulnerability allows an attacker to delete files stored on the server due to lack of proper verification of user-supplied input.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
elijaa/phpmemcacheadminPackagist	<= 1.3.0	—

Affected products

ghsa-coords
pkg:composer/elijaa/phpmemcacheadmin
Range: <= 1.3.0
PHPMemcachedAdmin/PHPMemcachedAdminv5
Range: 1.3.0

Patches

Vulnerability mechanics

References

github.com/advisories/GHSA-8qfm-h8rh-h3r7ghsaADVISORY
nvd.nist.gov/vuln/detail/CVE-2023-6026ghsaADVISORY
github.com/FriendsOfPHP/security-advisories/blob/master/elijaa/phpmemcacheadmin/CVE-2023-6026.yamlghsaWEB
packagist.org/packages/elijaa/phpmemcacheadminghsaWEB
www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-phpmemcachedadminghsaWEB

News mentions

No linked articles in our index yet.

cvss	0.585
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000