Lucene search
PatchstackCVE-2023-24416HistoryFeb 23, 2024 - 12:15 p.m.
CVE-2023-24416
2024-02-2312:15:45
CWE-22
Patchstack
web.nvd.nist.gov
59
cve-2023-24416
path traversal
arne franken
all in one favicon
nvd
vulnerability
CVSS3
6.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
AI Score
6.5
Confidence
High
EPSS
0
Percentile
10.5%
Improper Limitation of a Pathname to a Restricted Directory (βPath Traversalβ) vulnerability in Arne Franken All In One Favicon.This issue affects All In One Favicon: from n/a through 4.7.
Affected configurations
Node
arne_frankenall_in_one_faviconRangeβ€4.7wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| arne_franken | all_in_one_favicon | * | cpe:2.3:a:arne_franken:all_in_one_favicon:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "all-in-one-favicon",
"product": "All In One Favicon",
"vendor": "Arne Franken",
"versions": [
{
"changes": [
{
"at": "4.8",
"status": "unaffected"
}
],
"lessThanOrEqual": "4.7",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
vulnrichment
vulnrichment
cvelist
cvelist
nvd
nvd
CVE-2023-24416
2024-02-23 12:15:45
prion
prion
Path traversal
2024-02-23 12:15:00
wordfence
wordfence
CVSS3
6.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
AI Score
6.5
Confidence
High
EPSS
0
Percentile
10.5%
Related for CVE-2023-24416