Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 1:18 a.m.7 views

CVE-2022-30117

Concrete 8.5.7 and below as well as Concrete 9.0 through 9.0.2 allow traversal in /index.php/ccm/system/file/upload which could result in an Arbitrary File Delete exploit. This was remediated by sanitizing /index.php/ccm/system/file/upload to ensure Concrete doesn’t allow traversal and by changin...

9.1CVSS6.8AI score0.02021EPSS
Exploits0References1
NVD
NVD
added 2022/06/24 3:15 p.m.22 views

CVE-2022-30117

Concrete 8.5.7 and below as well as Concrete 9.0 through 9.0.2 allow traversal in /index.php/ccm/system/file/upload which could result in an Arbitrary File Delete exploit. This was remediated by sanitizing /index.php/ccm/system/file/upload to ensure Concrete doesn’t allow traversal and by changin...

9.1CVSS0.02021EPSS
Exploits0References3
Cvelist
Cvelist
added 2022/06/24 2:59 p.m.31 views

CVE-2022-30117

Concrete 8.5.7 and below as well as Concrete 9.0 through 9.0.2 allow traversal in /index.php/ccm/system/file/upload which could result in an Arbitrary File Delete exploit. This was remediated by sanitizing /index.php/ccm/system/file/upload to ensure Concrete doesn’t allow traversal and by changin...

9.4AI score0.02021EPSS
Exploits0References3
CVE
CVE
added 2022/06/24 2:59 p.m.112 views

CVE-2022-30117

Concrete CMS versions affected: 8.5.7 and below, and 9.0–9.0.2. The issue is a path traversal in /index.php/ccm/system/file/upload that could enable Arbitrary File Deletion. Root cause: inadequate input validation allowing traversal, enabling access to arbitrary files. Remediation implemented: sa...

9.1CVSS9.2AI score0.02021EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder