Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cnvdChina National Vulnerability DatabaseCNVD-2022-22309
HistoryMar 17, 2022 - 12:00 a.m.

CuppaCMS alertConfigField.php file contains a vulnerability

2022-03-1700:00:00
China National Vulnerability Database
www.cnvd.org.cn
16
cuppacms
alertconfigfield.php
vulnerability
local file reading
content management system
file inclusion

EPSS

0.015

Percentile

87.1%

JSON

CuppaCMS is a content management system (CMS), and a file inclusion vulnerability exists in CuppaCMS version 1.0. The vulnerability stems from the fact that the url parameter in /alerts/alertConfigField.php does not effectively filter calls to local file resources, which could be exploited to read local files.

Related

cvelist 1
cve 1
prion 1
nuclei 1
nvd 1
cvelist
cvelist
CVE-2022-25486
2022-03-15 17:41:02
cve
cve
CVE-2022-25486
2022-03-15 18:15:12
prion
prion
Design/Logic Flaw
2022-03-15 18:15:00
nuclei
nuclei
Cuppa CMS v1.0 - Local File Inclusion
2023-04-21 08:56:01
nvd
nvd
CVE-2022-25486
2022-03-15 18:15:12

EPSS

0.015

Percentile

87.1%

JSON
Related for CNVD-2022-22309
cvelist1cve1prion1nuclei1nvd1