Lucene search
PatchstackCVE-2024-35778HistoryJun 21, 2024 - 4:15 p.m.
CVE-2024-35778
2024-06-2116:15:11
CWE-22
Patchstack
web.nvd.nist.gov
27
cve-2024-35778
path traversal
php local file inclusion
slideshow se
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
7
Confidence
High
EPSS
0.001
Percentile
19.1%
Improper Limitation of a Pathname to a Restricted Directory (βPath Traversalβ) vulnerability in John West Slideshow SE PHP Local File Inclusion.This issue affects Slideshow SE: from n/a through 2.5.17.
Affected configurations
Node
slideshow_se_projectslideshow_seRangeβ€2.5.17wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| slideshow_se_project | slideshow_se | * | cpe:2.3:a:slideshow_se_project:slideshow_se:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "slideshow-se",
"product": "Slideshow SE",
"vendor": "John West",
"versions": [
{
"changes": [
{
"at": "2.5.18",
"status": "unaffected"
}
],
"lessThanOrEqual": "2.5.17",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
vulnrichment
vulnrichment
cvelist
cvelist
nvd
nvd
CVE-2024-35778
2024-06-21 16:15:11
wordfence
wordfence
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
7
Confidence
High
EPSS
0.001
Percentile
19.1%
Related for CVE-2024-35778