VYPR
High severityOSV Advisory· Published Dec 26, 2025· Updated Dec 27, 2025

CVE-2024-42718

CVE-2024-42718

Description

A path traversal vulnerability in Croogo CMS 4.0.7 allows remote attackers to read arbitrary files via a specially crafted path in the 'edit-file' parameter.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
croogo/croogoPackagist
<= 4.0.7

Affected products

2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.