Lucene search
PatchstackCVE-2024-38717HistoryJul 12, 2024 - 4:15 p.m.
CVE-2024-38717
2024-07-1216:15:03
CWE-22
Patchstack
web.nvd.nist.gov
26
vulnerability
path traversal
booking ultra pro
CVSS3
7.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N
EPSS
0
Percentile
10.8%
Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in Booking Ultra Pro allows PHP Local File Inclusion.This issue affects Booking Ultra Pro: from n/a through 1.1.13.
Affected configurations
Node
booking_ultra_probooking_ultra_proRange≤1.1.13
| Vendor | Product | Version | CPE |
|---|---|---|---|
| booking_ultra_pro | booking_ultra_pro | * | cpe:2.3:a:booking_ultra_pro:booking_ultra_pro:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "booking-ultra-pro",
"product": "Booking Ultra Pro",
"vendor": "Booking Ultra Pro",
"versions": [
{
"lessThanOrEqual": "1.1.13",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2024-38717
2024-07-12 16:15:03
vulnrichment
vulnrichment
cvelist
cvelist
wordfence
wordfence
CVSS3
7.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N
EPSS
0
Percentile
10.8%
Related for CVE-2024-38717