VYPR
Unrated severityNVD Advisory· Published May 7, 2024· Updated Aug 2, 2024

CVE-2024-34315

CVE-2024-34315

Description

CmsEasy v7.7.7.9 was discovered to contain a local file inclusion vunerability via the file_get_contents function in the fckedit_action method of /admin/template_admin.php. This vulnerability allows attackers to read arbitrary files.

Affected products

2
  • Cmseasy/Cmseasycpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: =7.7.7.9

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.