VYPR
Unrated severityNVD Advisory· Published Mar 12, 2024· Updated Oct 31, 2024

CVE-2024-27279

CVE-2024-27279

Description

Directory traversal vulnerability exists in a-blog cms Ver.3.1.x series Ver.3.1.9 and earlier, Ver.3.0.x series Ver.3.0.30 and earlier, Ver.2.11.x series Ver.2.11.59 and earlier, Ver.2.10.x series Ver.2.10.51 and earlier, and Ver.2.9 and earlier versions. If this vulnerability is exploited, a user with editor or higher privilege who can login to the product may obtain arbitrary files on the server including password files.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6
  • A Blog/A Blogllm-fuzzy
    Range: <= Ver.3.1.9, <= Ver.3.0.30, <= Ver.2.11.59, <= Ver.2.10.51, <= Ver.2.9
  • appleple inc./a-blog cmsv5
    Range: Ver.2.9 and earlier
  • appleple inc./a-blog cms Ver.2.10.x seriesv5
    Range: Ver.2.10.51 and earlier
  • appleple inc./a-blog cms Ver.2.11.x seriesv5
    Range: Ver.2.11.59 and earlier
  • appleple inc./a-blog cms Ver.3.0.x seriesv5
    Range: Ver.3.0.30 and earlier
  • appleple inc./a-blog cms Ver.3.1.x seriesv5
    Range: Ver.3.1.9 and earlier

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.