Lucene search
+L

4 matches found

redhatcve
redhatcve
added 2025/05/23 1:18 a.m.7 views

CVE-2022-30117

Concrete 8.5.7 and below as well as Concrete 9.0 through 9.0.2 allow traversal in /index.php/ccm/system/file/upload which could result in an Arbitrary File Delete exploit. This was remediated by sanitizing /index.php/ccm/system/file/upload to ensure Concrete doesn’t allow traversal and by changin...

9.1CVSS6.8AI score0.02021EPSS
Exploits0References1
nvd
nvd
added 2022/06/24 3:15 p.m.22 views

CVE-2022-30117

Concrete 8.5.7 and below as well as Concrete 9.0 through 9.0.2 allow traversal in /index.php/ccm/system/file/upload which could result in an Arbitrary File Delete exploit. This was remediated by sanitizing /index.php/ccm/system/file/upload to ensure Concrete doesn’t allow traversal and by changin...

9.1CVSS0.02021EPSS
Exploits0References3
cve
cve
added 2022/06/24 2:59 p.m.109 views

CVE-2022-30117

Concrete CMS versions affected: 8.5.7 and below, and 9.0–9.0.2. The issue is a path traversal in /index.php/ccm/system/file/upload that could enable Arbitrary File Deletion. Root cause: inadequate input validation allowing traversal, enabling access to arbitrary files. Remediation implemented: sa...

9.1CVSS9.2AI score0.02021EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2022/06/24 2:59 p.m.30 views

CVE-2022-30117

Concrete 8.5.7 and below as well as Concrete 9.0 through 9.0.2 allow traversal in /index.php/ccm/system/file/upload which could result in an Arbitrary File Delete exploit. This was remediated by sanitizing /index.php/ccm/system/file/upload to ensure Concrete doesn’t allow traversal and by changin...

9.4AI score0.02021EPSS
Exploits0References3
Rows per page
Query Builder