CVE-2024-7551
CVE-2024-7551
Título es
CVE-2024-7551
Mar, 06/08/2024 – 13:15
Tipo
CWE-22
Gravedad v2.0
3.30
Gravedad 2.0 Txt
LOW
Título en
CVE-2024-7551
Descripción en
A vulnerability was found in juzaweb CMS up to 3.4.2. It has been classified as problematic. Affected is an unknown function of the file /admin-cp/theme/editor/default of the component Theme Editor. The manipulation leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-273696. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
06/08/2024
06/08/2024
Vector CVSS:3.1
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
Vector CVSS:2.0
AV:N/AC:L/Au:M/C:P/I:N/A:N
Gravedad 3.1 (CVSS 3.1 Base Score)
2.70
Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
LOW
Referencias
Enviar en el boletín
Off
