CVE-2024-34523

2024-05-0715:15:09

[email protected]

web.nvd.nist.gov

achecker

remote attackers

arbitrary files

unauthenticated

path traversal

php

unsupported products

7.5 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

8.7%

JSON

AChecker 1.5 allows remote attackers to read the contents of arbitrary files via the download.php path parameter by using Unauthenticated Path Traversal. This occurs through readfile in PHP. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.