Lucene search
K

6 matches found

Nuclei
Nuclei
added 20 hours ago38 views

Edito CMS - Sensitive Data Leak

Web services managed by Edito CMS Content Management System in versions from 3.5 through 3.25 leak sensitive data as they allow downloading configuration files by an unauthorized user. id: CVE-2024-4836 info: name: Edito CMS - Sensitive Data Leak author: s4e-io severity: high description: | Web...

7.5CVSS5.8AI score0.02629EPSS
Exploits0References3
NVD
NVD
added 2024/07/02 9:15 a.m.22 views

CVE-2024-4836

Web services managed by Edito CMS Content Management System in versions from 3.5 through 3.25 leak sensitive data as they allow downloading configuration files by an unauthenticated user. The issue in versions 3.5 - 3.25 was removed in releases which dates from 10th of January 2014. Higher versio...

7.5CVSS0.02629EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/07/02 8:44 a.m.200 views

CVE-2024-4836 LFI in sites managed by Edito CMS

Web services managed by Edito CMS Content Management System in versions from 3.5 through 3.25 leak sensitive data as they allow downloading configuration files by an unauthenticated user. The issue in versions 3.5 - 3.25 was removed in releases which dates from 10th of January 2014. Higher versio...

7.5CVSS0.02629EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/07/02 8:44 a.m.23 views

CVE-2024-4836 LFI in sites managed by Edito CMS

Web services managed by Edito CMS Content Management System in versions from 3.5 through 3.25 leak sensitive data as they allow downloading configuration files by an unauthenticated user. The issue in versions 3.5 - 3.25 was removed in releases which dates from 10th of January 2014. Higher versio...

7.5CVSS7AI score0.02629EPSS
Exploits0References3
CVE
CVE
added 2024/07/02 8:44 a.m.77 views

CVE-2024-4836

Edito CMS Web services expose a sensitive data leak in versions 3.5–3.25 by allowing unauthenticated download of configuration files. The issue was fixed in releases after January 10, 2014; higher versions were never affected. Remediation: update to a version later than 3.25. No exploitation deta...

7.5CVSS7.6AI score0.02629EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/07/02 12:0 a.m.3 views

PT-2024-33090 · Edito Cms · Edito Cms

Name of the Vulnerable Software and Affected Versions: Edito CMS versions 3.5 through 3.25 Description: The issue allows unauthenticated users to download configuration files, leading to sensitive data leakage. The problem was resolved in releases dated from January 10th, 2014. Recommendations: F...

7.5CVSS7.2AI score0.02629EPSS
Exploits0References5
Rows per page
Query Builder