4 matches found
74cmsSE v3.4.1 - Arbitrary File Read
74cmsSE v3.4.1 was discovered to contain an arbitrary file read vulnerability via the $url parameter at \index\controller\Download.php. id: CVE-2022-26271 info: name: 74cmsSE v3.4.1 - Arbitrary File Read author: ritikchaddha severity: high description: | 74cmsSE v3.4.1 was discovered to contain a...
CVE-2022-26271
74cmsSE v3.4.1 was discovered to contain an arbitrary file read vulnerability via the $url parameter at \index\controller\Download.php...
CVE-2022-26271
creationtimestamp| type| source ---|---|--- 2025-02-11 16:52:14+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2022/CVE-2022-26271.yaml 2025-02-12 21:02:00+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lhz32d4sjf2x...
CVE-2022-26271
CVE-2022-26271 affects 74cmsSE v3.4.1. The vulnerability is an arbitrary file read located in index/controller/Download.php, exploitable via the $url parameter. Impact: potential unauthorized access to sensitive information. Root cause: improper handling of the Download.php URL parameter allows r...