Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2023-40023
HistoryAug 14, 2023 - 8:15 p.m.

Remote code execution

2023-08-1420:15:00
PRIOn knowledge base
www.prio-n.com
4
yak engine
lfi vulnerability
sensitive data exposure
remote code execution
upgrade
cybersecurity
server behavior monitoring
version 1.2.4-sp1

0.002 Low

EPSS

Percentile

54.5%

JSON

yaklang is a programming language designed for cybersecurity. The Yak Engine has been found to contain a local file inclusion (LFI) vulnerability. This vulnerability allows attackers to include files from the server’s local file system through the web application. When exploited, this can lead to the unintended exposure of sensitive data, potential remote code execution, or other security breaches. Users utilizing versions of the Yak Engine prior to 1.2.4-sp1 are impacted. This vulnerability has been patched in version 1.2.4-sp1. Users are advised to upgrade. users unable to upgrade may avoid exposing vulnerable versions to untrusted input and to closely monitor any unexpected server behavior until they can upgrade.

Related

osv 2
cve 1
veracode 1
cvelist 1
nvd 1
github 1
osv
osv
CVE-2023-40023
2023-08-14 20:15:12
Yaklang Plugin's Fuzztag Component Allows Unauthorized Local File Reading
2023-08-15 20:08:17
cve
cve
CVE-2023-40023
2023-08-14 20:15:12
veracode
veracode
Information Exposure
2023-08-17 14:20:55
cvelist
cvelist
CVE-2023-40023 Yaklang Plugin's Fuzztag Component Allows Unauthorized Local File Reading
2023-08-14 19:59:44
nvd
nvd
CVE-2023-40023
2023-08-14 20:15:12
github
github
Yaklang Plugin's Fuzztag Component Allows Unauthorized Local File Reading
2023-08-15 20:08:17

0.002 Low

EPSS

Percentile

54.5%

JSON
Related for PRION:CVE-2023-40023
osv2cve1veracode1cvelist1nvd1github1